Protection against financial fraud

In an increasingly digital world, it is important to know about potential dangers to be able to protect yourself from online fraud. This page will inform you about the most common forms of online and financial fraud. You will also find tips and resources for securely navigating through the digital financial world.

Phishing and scams

Phishing means that criminals trick recipients with fake e-mails, text messages and other kinds of messages. They seem as if they are coming from trustworthy institutions or well-known companies and frequently use logos of banks, government agencies or well-known online services. As a rule, financial service providers have good security systems in place. That is why criminals try to get information from their victims by assuming trustworthy identities (e.g. of public authorities, banks, parcel delivery services, employees of online shops etc.). The e-mail addresses fraudsters use can be very similar to the e-mail addresses of real companies or institutions. Typically, fake messages speak of some urgent matter that requires immediate action to prevent negative consequences. Often they contain links leading to fake websites that look very similar to real bank or company websites. This is how victims are tricked into entering their login details, which gives fraudsters access to victims’ bank accounts and private information. In some cases, these mails come with attachments to install malware on the victims’ devices. This malware can then access personal data like PINs and TANs.

E-mails promising lottery winnings, inheritances, cheap real estate or high commissions are, as a rule, scam mails. Criminals try to get people to make payments by making tempting promises. The tactics are very similar in most cases. First, the criminals promise that you will receive a large amount of money. The victims then are prompted to transfer increasingly large sums to a contact person in order to make great profits later. Often, victims realize only after the contact person has disappeared without a trace how much money they have lost.

Bei Erhalt von E-Mails, die unerwartete Lotteriegewinne, Erbschaften, günstige Immobilien oder hohe Provisionen versprechen, handelt es sich oft um einen Scam. Kriminelle versuchen in solchen Fällen, Personen durch verlockende Versprechungen zu einer Vorauszahlung zu drängen. Die Vorgehensweise ist dabei in allen Fällen sehr ähnlich. Die Kriminellen machen zuerst Versprechungen, dass man große Geldbeträge bekommen wird. Die Opfer werden dazu veranlasst, erst kleine und dann immer größere Geldbeträge an die vermeintliche Kontaktperson zu überweisen, um später damit große Gewinne zu erzielen. Erst wenn die Kontaktperson spurlos verschwindet, wird realisiert, wie groß der finanzielle Verlust ist. 

Requests for login details and passwords for your own bank account are red flags. Remember that you only need these data when you log on to your online banking to make payments. For payments in online shops, you only need your card’s number, expiration date and CVC code. Sometimes you have to approve a payment in your banking app. In that case, you should carefully check the provided information before authorizing a payment.

In love scams, criminals use platforms like social networks, messenger services, e-mails and dating apps to gain their victims’ trust with fake profiles. They create emotional dependency by sharing – seemingly – personal details and making their victims think they want to meet them. After a while, however, the scammers will demand financial support and ask for money or vouchers. They promise to pay back the money, but that never happens. After a short while, the scammers disappear and can no longer be contacted.

In job scams, criminals publish fake job ads on online job portals. They lure job seekers to websites that look deceptively similar to websites of well-known companies. In what seems to be an online application process, applicants are urged to upload personal data and even photos of their ID. Applicants are requested on false pretexts to participate in a video identification procedure of a bank. The criminals then open a bank account in the name of the applicant – without their knowledge – to use it for illegal activities.

In the real estate market, fraudsters take advantage of people looking for a home. They publish fake ads for luxury apartments in prime locations on the internet. The asking rent is often cheaper than for comparable offers to attract as many people as possible. The alleged landlord or landlady usually states that they are abroad for professional reasons and are urgently looking for a tenant. Would-be tenants are asked to pay a deposit to secure a viewing, which, they are told, they will get back if they do not take the apartment. However, neither do the would-be tenants get a key to view the apartment, nor do they get their money back.

As people increasingly pay with their smartphones, a common tactic used by fraudsters is to establish a connection to their victim’s smartphone to get access to their banking and payment details. In most cases, the victims themselves unknowingly authorize these connections. The fraudsters then have free access to the victim’s account and can cause huge financial damage. If you are unsure about or do not know a device that is connected to your smartphone, you should delete the connection and contact your bank.

Always be skeptical about unexpected messages and calls. Fraudsters continuously come up with new scams. This is why you should never disclose any confidential data on the phone or on websites you have accessed through links in messages.

What to do when you get a phishing or scam message

Here is some advice for when you get a phishing or scam message:

• Move suspicious mails into the spam folder. This way the mail program will be able to recognize phishing and scam messages better in the future.
• If you receive a suspicious message via text message or messenger service, you should immediately block the number.
• Don’t open any links or attachments in suspicious messages.
• Never make any payments just because you were promised a prize, more information about a particularly lucrative job, the key for viewing an apartment and so on. It is very likely that you’re dealing with a scam.
• Never pass on personal or financial information via e-mail or on the internet (for example in forums or on communication platforms).
• Inform companies, banks, etc. whose names have been falsely used (as senders) in suspicious e-mails or messages so that they can take action.
• If you are unsure whether the message is real or whether you are dealing with a phishing attack, you should check the sender details, e.g. by having a closer look at the sender e-mail address. It is also a good idea to look for phishing messages on the internet. Often you will find information that can help you distinguish a phishing message from a real one.

Online shopping scams

Fake online stores are fraudulent websites that often pretend to sell high-quality products at extremely low prices, or copy the websites of well-known companies to trick consumers. They ask shoppers for personal data (for example name, address, date of birth) during the payment process and allow only advance payments. The ordered goods will never be delivered. Victims of this scam do not only lose the money they paid, but also risk greater losses by having disclosed credit card and bank login details. Criminals can use the victim’s personal data to create fake profiles or place more orders under the victim’s name.

Loan fraud

Loan fraud often follows the following pattern: Fraudsters target their victims by making unrealistic offers like loans without an assessment of creditworthiness and extremely low interest rates. People who have entered into this deal are pressured into paying upfront fees, allegedly for the contract or an identity check. The victim never gets the loan and all the money they have paid is lost. Be aware of such tactics especially when you’ve been searching for loans online. Criminal organizations often send unrequested loan offers via e-mail, social media or messenger services to target unsuspecting people who need a loan but would not get it from their bank.

Investment fraud

Crypto asset fraud

Criminals often use social media to spread offers and information on crypto assets that either do not exist or whose price they artificially inflate until enough investors have invested money. They then sell their shares and make great profits, and prices fall; as a result, all other investors suffer losses. 

Fraudulent investment platforms (online brokers)

Investors should be aware of a high risk of fake platforms in online trading. Scammers entice victims through flashy adverts to visit websites of seemingly genuine online brokers. They are promised unrealistically high profits if they invest large sums. The investment platform then contacts the victims and pressures them to invest more and more. In reality, no trading takes place. Fake websites quickly disappear again. Consumers should check investment platforms carefully before engaging in any activities to protect themselves from fraud. At watchlist-internet.at you can check whether an investment platform is trustworthy or not.

Pyramid schemes (Ponzi schemes)

In a pyramid scheme, investors need to invest a certain initial amount and recruit new investors at the same time. The deposited amounts, however, are not actually invested. They are used to pay commissions and profits for investors that are already part of the scheme. The goal is to get as many new investors as possible to profit from the amounts they pay into the scheme. 

The initiators of pyramid schemes as well as early investors profit the most, because they get a huge part of the amounts paid in by new investors. However, as soon as there are no new investors anymore, the system collapses and the invested money is lost.

Pyramid schemes are often promoted by very charismatic people promising risk-free financial investments with high returns, while giving only scarce insight into background documents. Any pressure to find new investors to make investments is a red flag. Pyramid schemes are illegal in Austria and will be legally prosecuted.

Fraudster tactics

Knowing the most common tactics fraudsters use will help you stay alert to fraud.

How to spot fraud

Watch out for messages and e-mails that do not use your name, contain spelling and grammar mistakes and sender e-mail addresses that do not exactly match the addresses of real companies or institutions. Phishing and scam messages urge recipients to act quickly so that they would not suffer negative consequences or miss out on great opportunities. This false sense of urgency is to make people click on links or information without thinking.

What to do when you have been a victim of fraud

If your bank details have been stolen through fraud, immediately notify your bank and demand that your account will be blocked. Most banking apps allow you to easily block bank and credit cards yourself.  In addition, you should report the fraud to the police so that any data misuse can be documented. It is important to stop all communication with fraudsters and refrain from making any more payments. If you have clicked on suspicious links, change your passwords immediately and update your security software.

Save the phishing message or make a screenshot so that it will be easier to trace its originators and enforce your rights. It is important that the copy shows the recipient, the sender and the date on which you received the message. Saving your browser history or making a screenshot is also a good idea. That makes it is easier for authorities and courts to understand what exactly has happened and when, which can be very helpful to enforce your rights.

Protect yourself against fraud

In order to protect yourself against financial and online fraud, try to stay informed, not only by following the news but also by visiting the website watchlist-internet.at from time to time, which publishes the latest news on financial fraud. The Financial Market Authority (FMA) also regularly updates its website with the latest on financial fraud.

It is harder for fraudsters to succeed when they have little information on potential victims. This is why you should put as little personal information as possible on the internet. Regularly install updates and optimize data protection as well as security settings on all your devices and apps. You can find instructions for changing the privacy settings of various online services at saferinternet.at. Passwords should be long, complex and unique. It is also recommended to use two-factor authentication to protect data from unauthorized access.