Phishing, Smishing and Vishing

• Phishing is a fraud attempt that happens via email. A typical phishing attack occurs when a legitimate-looking email, appearing to come from a bank or another genuine financial institution, is sent to you requesting that you to click on a link to update or verify your personal data or account information.

• Smishing is much like phishing, except that text messages sent to mobile phones are used rather than emails. In a smishing message you could be requested to click on a link in the text and be redirected to a legitimate-looking website where you are requested to supply your personal and/or account information, just as you would in a phishing scam.

• Vishing is a tactic used by criminals over the telephone where you are called and lured into divulging personal information to an automated system or to a person. Criminals also use a tactic called 'caller identity spoofing', where calls appear to be made from a genuine or known number, allowing the fraudster to obtain your personal details.

BNF Bank will never ask you to verify your PIN, password or log-in credentials, and we will never send you a link to confirm such information. When we speak with you over the phone we only confirm pre-defined security questions that only you know the answers to.

Tips to avoid becoming a victim:

• Always be alert for suspicious emails or text messages that request for your personal information or banking details. If you want to access BNF Internet Banking, type www.bnf.bank from your browser and from here navigate into the Internet Banking platform. Never click on a 'quick link' in an email.
• Make sure you're secure. Keep your anti-virus and operating system software up-to-date.
• Close the security loop. To approve online payments, register for the BNF Internet Banking SMS one time password that your receive on your mobile phone. If you see an approval request for a transaction you don't recognise, you should contact BNF Bank immediately.
• Avoid giving anybody remote access to your PC. Never give out your card details to anyone unless you're sure they're legitimate. Ask to pay online via a secure platform or website.
• Look at your url bar. Secure sites always start with 'https' (rather than 'http'). They will also have a gold lock next to their urls. If the gold lock is next to an 'http', this is a sign that it is a case of a fraud.
• If you suspect that your personal information has been compromised in a phishing or smishing scam, act quickly. Immediately change your password via BNF Internet Banking.
• If you receive a phishing email, do not respond to it. Ignore it or report it to us by sending a copy of it to customercare@bnf.bank. We will then report it to our IT Security Unit.