There are customers who have lost more than 30,000 euros. The bank is not responsible for the invasion of the accounts and says that the customers authenticated themselves on a fake website.
There are more and more victims of bank computer fraud. TVI Exclusive (part of the CNN Portugal group) has received dozens of complaints from Banco CTT customers. They were left without money after someone hacked into their online bank account and transferred the money to another account.
Most of the cases happened in December last year and they are still without seeing a dime.
There are customers who have lost more than 30,000 euros. The bank is not responsible for hacking into the accounts and says that the customers authenticated themselves on a fake website.
When contacted by Exclusivo, Banco CTT explains that no bank can prevent the creation of fake websites.
“Banco CTT is aware of the impact that these practices have on its customers (…), but it cannot assume responsibility or the consequences of illegal acts committed by third parties. (…) We are convinced that this prompt and adequate reaction to the events has allowed the partial recovery of the assets illegally appropriated by the authors of the aforementioned conduct, which will allow the corresponding compensation of the respective victims”.
The Exclusive had access to the values that lost about 20 customers: they range from 32 thousand euros to 200. None of them has recovered the stolen money.
The Bank of Portugal did not answer specific questions about the victims of Banco CTT, leaving only security warnings.
“The Banco de Portugal, in the exercise of the powers conferred on it by law, monitors the conduct of the institutions it supervises, in particular through the analysis of complaints from bank customers. In this context, it applies appropriate measures, including administrative offenses, whenever it detects signs of non-compliance with the rules applicable to their activities in the retail banking markets.
Exclusivo has analyzed some cases to try to understand how this computer fraud was perpetrated on more than 20 people. Porfírio Trincheiras, cybersecurity specialist, first points to the URL of the site.
“The phishing site that appeared on Google has a very similar description (to the original site), with minor variations, and appears first as an advertisement.”
The fake link appeared first in Google searches for a few days, and the ad was reportedly paid for by the hackers. Confident customers of the bank entered their username and password. On another computer, someone was already waiting for the information.
“(The hacker) performs an operation to programmatically request activation of the application, which returns the same message that the user receives and places on the phishing site. From there, the hacker can install the app,” the cybersecurity expert explained.
After installing the application on the phone, the hacker impersonates the customer and transfers the money to another account of his choice.
“Here, the secret was to get a cell phone, link the app to the victim’s account, and from there, the transfers are made without the victim noticing because SMS is no longer needed.”
The victims filed a complaint with the authorities. They sent letters to the Bank of Portugal and Banco CTT, which responded in a straightforward manner.
“The aforementioned investigations have led us to conclude that there is strong evidence that third parties have illegally created web pages that appear (albeit crudely) to belong to Banco CTT, which you have accessed, allowing these third parties to illegally obtain your access data to the digital channels and, once in their possession, to carry out the debit transaction. (…) Banco CTT is not aware of the so-called “cybercrime phenomena”.
