Security and anti-fraud

security and anti-fraud

Security and anti-fraud

Every day, we are working hard to protect your money, ensure the privacy of personal data, and ensure the security of bank transactions. Currently, malefactors use various fraudulent schemes to cheat users and steal large sums of money from their cards. That is why we need to discover, notify and prevent an attempt at fraud.

As we care for you and your money, we have prepared instructions and recommendations that will help you avoid the most common fraud.
Stay vigilant, and don’t share any information about bank data!

How to secure your card?

For you to have the most secure experience when you pay with your card at the merchants, we recommend you observe some basic rules:

Save the PIN and not write it down to your mobile phone or card;
Destroy the envelope containing the PIN received from your bank after you have save it or modified it;
Opt for cards with activation via PinBySMS;
When paying for your purchases, the card must always remain within your visual range. Request a mobile POS-terminal or move to a fixed one;
For any approved or rejected payment made with the trader, request the payment order;
Systematically check the extract from the card account received by e-mail or generated individually through the maibank mobile application, chatbot, or subscribe to the SMS notification service.

Security of card transactions on the Internet

The Internet has become very attractive to cybercriminals, who use ingenious methods to obtain money or confidential banking information from potential victims.

Use a card for online transactions such as payment of goods or services, transfer P2P (card to card), etc. Feed it directly before making the Payment online with the amount required for the transaction;
Make sure that the SSL logo (a security standard for the browser-server link) or Visa secure/ ID Check is present on the merchant's website;
On the payment page, enter the information requested by the trader: Card number, surname and first name on the card, CVV2 code, expiration date, and OTP code for 3D-secure transactions;
Keep all correspondence (receipts, messages) that confirm the purchase.
Warning! No online store will ever request A CARD PIN or other personal data, such as a card balance, ID number (IDNP), etc. Thus, close it immediately if you access a site that requests such information.

Be vigilant when someone asks you for the security features of your card: card number, expiration date, and CVV2/CVC2, the unique code received by SMS to authorize each Payment.

Transactions are not considered fraudulent, completed with all the card security features, and authorized by the unique code received by SMS.

Only your card number, last name, and first name are enough to receive a money transfer on your bank card. That's all!

What is the most common online fraud? Fraudsters use different tactics to deceive people and evade financial resources from their accounts. The most common are:



Social engineering by phone (dreaming)	Phishing or the method "identity theft"	Fictitious offers or bonuses received through social media	Smishing	COVID 19 Scam

What is social engineering?

Social engineering includes many forms of psychological manipulation by telephone or social networks on which attackers use them on the victims. In our case, the aim is to make the victims, MAIB customers act against their reason and share confidential information. Be careful with whom you are talking to and what information you are providing to the other party, especially if it is about data that may make you vulnerable later.

What social engineering provides over the phone (Vishing)

It's a fraudulent method by which you can be contacted by phone or by messaging services (Viber, Telegram, WhatsApp) by malefactors. They claim to be an maib employee and ask you for confidential information under various pretexts. For example, to confirm a money transfer banking operation.

Recommendations:

be vigilant regarding calls coming from outside of the country through communications applications or directly to the phone;
ask the caller's name and tell him you will return. Check its identity with the bank by calling 1313.
do not transmit financial data, passwords, or access codes through telephone calls. The bank will never request sensitive information in this way.
keep all correspondence (receipts, messages) that confirm the purchase.
block any suspicious number;
If you have become the victim of a fraud attempt, please inform us at 1313 by e-mail at infofraud@maib.md and notify the police.

What is phishing or method of "identity theft"

Phishing is one of the most common cyber attacks. It is used to obtain personal information, such as bank account data or how to access it online.

Typically, this type of attack appears as an email message that claims to be from the bank and asks you to click on a link or attachment. This link directs you to a false site, which reproduces the official page of maib very well. This captures confidential banking and personal information such as first and last names, addresses, personal IDNP code, card number, access passwords, etc.

Recommendations:

do not access any of the outgoing links;
does not respond to incoming messages;
nobody is communicating your card data (PIN-code, CVV2/CVC code – the three digits on the back of the card, the unique transaction confirmation password);
route the message as soon as possible to our email address: infofraud@maib.md, to help identify attackers.

Fraud in the form of offers or fictitious bonuses received through social media

Sam/phishing scenarios are campaigns, such as offers/contests/wins, generally promoted through social media.

The purpose of these messages is to:

to let you know that you have been chosen, winner;
to promote fake promotional offers purchased by victims.
these actions have the following consequences:
the gain will never be booked to your account or paid products will never be delivered;
the security data of the bank card used is retained and subsequently used to complete transactions that you do not authorize.

Recommendations:

before you buy a product online, check the website reviews;
pay using secure payment services. If payment must be made via card/bank transfer, ATU
Pay attention to adverts, such as "bomb discounts", "easy gain with little money". It is most likely to be an attempt at fraud;
be aware of the pop-up windows that open automatically when accessing sites. As far as possible, sets windows of this type to be blocked in the browser settings;
If you have become the victim of a fraud attempt, please email us at infofraud@maib.md and notify the police.

What is smishing

Smishing (word combination between SMS and phishing) is trying to mislead you by text messages to obtain personal, banking, or security data. As a rule, you receive messages with the following content: "Congratulations! You won the "X" prize. To collect the prize please distribute this message to 5 friends and fill in your personal data form/card data (card number, expiry date, CVV)."

Recommendations:

do not access links or attachments received via SMS from unknown persons;
do not act in a hurry, check the information;
never respond to an SMS requesting your PIN, mobile banking access passwords, or other confidential information;
announce us by email to infofraud@maib.md and notify the police if you have received such an SMS.

What does COVID 19 Scam require

Adapted to the current context, malefactors have rapidly developed the COVID 19 thematic scam for unwarranted benefits. Potential victims are contacted by telephone or receive messages via social media (Facebook, Odnoklasniki, Vkontakte, etc.) from friends or relatives whose accounts have been broken. Under the pretext of providing treatment aid, they are asked for a certain amount of money or personal bank data to make a lump-sum transfer.

Recommendations:

contact directly people presumed to be ill or in need of financial assistance;
do not provide personal data, card information, passwords, or unique identification codes on the phone, regardless of the quality of the persons invoked by the other party;
do not transfer money to unknown persons, regardless of the reason and situation they invoked;
If you have become the victim of an attempt to fraud, please inform us at 1313 by e-mail at infofraud@maib.md and notify the police.

How do you process if you have become the victim of swindlers

if you have, however, become the victim of fraud by providing confidential personal and banking data, follow these steps:



immediately lock the card through the maibank mobile app or self Service calling 1313;	reissue the compromised card directly from the bank or to the nearest bank unit;	inform us at 1313 or by e-mail at: Infofraud@maib.md and seat the police.