Tag: #phishing

Cybercrime is the number one threat when it comes to financial crime in Ireland

Hacking, phishing, online scams, and other variations of cybercrime are thought to be the most prevalent financial crimes in Ireland, as found in a new survey by the Compliance Institute, which polled 230 compliance professionals working primarily in Irish financial services organisations nationwide.

When asked what they consider to be the most prevalent financial crime in Ireland, respondents to the Compliance Institute Financial Crime answered as follows:

  • Cybercrime (hacking, phishing, online scams)                                                      34%
  • Tax evasion                                                                                                                    21%
  • Fraud                                                                                                                               21%
  • Money laundering                                                                                                         19%
  • Bribery and corruption                                                                                                  4%
  • Insider trading                                                                                                                 1%

Michael Kavanagh, CEO of the Compliance Institute commented on the findings:

While financial crimes from tax evasion to insider trading could be classed as the “traditional” criminal pursuits, cybercrime is more new-age and is developing and advancing at a pace so fast that organisations and legislators cannot keep up.

From the mid-term review of the 2019-2024 Cyber Security Strategy launched in the middle of 2023, we learned of the Government’s plans to create a national anti-ransomware organisation and offer cash subsidies to small businesses to help fight cybersecurity threats. The timelines for this are unclear, but there’s no doubt that the move would be laudable and welcomed with open arms by many businesses that continue to be plagued by ransomware attacks.

These attacks can have catastrophic consequences not just for those whom they are perpetrated against, but for the wider public. We only have to look at the devastation that was caused to patients following the 2021 hacking of the HSE to understand the severity of the crimes”.

Fraud

Mr. Kavanagh continued, “Banking & Payments Federation Ireland (BPFI) stats show fraudsters stole nearly €85 million (€84.6m) through frauds and scams in 2022, an increase of 8.8% on 2021. As a New Year commences, there’s a real concern that we will see an uptick in these figures”.

Mr. Kavanagh concluded,

“Ireland is now Europe’s largest data hosting cluster, putting the need for elevated cybercrime and data protection systems into sharp focus.

Regulators in Ireland, and around the world, are constantly updating and issuing new guidance to firms in response to emerging cyber security issues, such as fake documentation and the reliability of information sources.

Regulators need to ask themselves how they can regulate and supervise without stifling innovation. Businesses and organisations need to ask how can they best prepare and respond, and the general public also needs to know what measures they can take to protect themselves”

6 Ways To Protect Yourself From Hackers

Hacking has been making waves in the tech world, especially since the rise of cryptocurrency. It’s a realm where brilliant minds seek innovation and disruptors try to cause chaos. Shockingly, recent data show that Ireland saw a 37% surge in cryptocurrency theft, totalling about €1.8 billion. Here’s the reality: the risk of getting hacked is greater than ever as these cunning cybercriminals evolve. However, you can fortify your defences by understanding their tactics. Here are six ways you could fall victim to hacking. 

  1. Smartphone apps 

Many people have and love those handy apps that make life easier. In today’s digital world, they’ve become essential. However, your smartphone could be more vulnerable if you’re an Android user without two-factor authentication (2FA). Android’s open-source operating system, while offering flexibility, can be a playground for viruses, making it less secure than the iPhone. When you open an app, you often share sensitive information, potentially giving hackers an open door. The solution is to be picky with your app choices, focus on the ones with credible ratings and reviews, and beef up your security with Two-Factor Authentication on all apps and devices. Don’t forget to double-check your links too. 

    2. Sites-cloning and phishing

Site cloning and phishing are a classic that has been around since the ‘dot-com revolution.’ As they say, ‘the old ones are the best.’ In one scenario, the cyber tricksters create a near-perfect replica of a legitimate website, hoping to trick you into entering your password or secret key. They might even slightly alter the website’s domain, so be vigilant. In the second scenario, they send emails that look identical to official communications but aim to trick you into clicking a malicious link and giving away your data. Trust your instincts, and if something feels off, delete it. Stick to websites with genuine HTTPS protocol. 

   3. Beware of public Wi-Fi

Public Wi-Fi is a hacking scenario that many naturally fear. Your device can connect to a hacker’s Wi-Fi network through a misleading link or accidentally choosing the wrong network. Anything you download or send while connected to that network is fair game for hackers. They can access your private keys from crypto wallets, online banking details, email passwords, and more. This issue is especially critical when using public Wi-Fi in railway stations, airports, hotels, or any crowded spot. Hackers can lurk incognito, waiting for an unsuspecting victim. The rule of thumb here is never to use public Wi-Fi for financial or sensitive transactions, not even with a VPN. Also, keep your router firmware updated, as manufacturers frequently release updates. Meanwhile, you can use SSID as an alternative. But what is SSID? It stands for Service Set Identifier, enabling you to learn more ways to protect yourself on Wi-Fi networks. 

   4. Malicious USB sticks 

You’ve probably heard stories of people finding USB sticks in parking lots and trying to do the right thing by returning them. However, there’s a darker side to this scenario. Sometimes, these USB sticks are loaded with malware and intentionally left by criminals. You don’t need to be the target of a specific attack to fall victim to malware. Inserting random devices like CDs, DVDs, USB drives, or any other found peripherals, such as a mouse or keyboard, puts you at risk of getting hacked. To protect yourself, use reputable antivirus software and make sure it scans all connected devices. While it’s not foolproof and can’t catch every threat, it significantly reduces the chances of falling prey to random malware or malware created by less skilled attackers. 

    5. SMS authentication 

SMS for authentication may seem like a quick and familiar way to confirm your identity, but it’s not as secure as you think. Positive Technologies, a cybersecurity company, has shown how easy it is for attackers to intercept SMS messages containing password confirmations, thanks to the Signalling System 7 (SS7) protocol used worldwide. They demonstrated that any system relying solely on SMS can be accessed by hackers, even if 2FA is used. To protect yourself, turn off call forwarding to prevent data access and consider using a software-based authentication solution instead. 

    6. Malicious documents

Hackers often hide malware in seemingly harmless Office documents like Word or Excel. When you open these files, your computer can get instantly infected. These malicious documents typically arrive in your inbox, disguised as seemingly secure emails. Upon opening, you might receive a pop-up message prompting you to enable macros to view the document’s content. If you allow macros, your computer becomes susceptible to malware attacks. So, avoid enabling macros and never open attachments from suspicious emails or unknown contacts. 

HP Wolf Security report: Daily QR “Scan Scams” Phishing Users on their Mobile Devices

HP Ireland has today issued its latest quarterly HP Wolf Security Threat Insights Report, showing hackers are diversifying attack methods, including a surge in QR code phishing campaigns. By isolating threats on PCs and mobile devices that have evaded detection tools, HP Wolf Security has specific insight into the latest techniques being used by cybercriminals in the fast-changing cybercrime landscape. To date, HP Wolf Security customers have clicked on over 25 billion email attachments, web pages, and downloaded files with no reported breaches.

From February 2022, Microsoft began blocking macros in Office files by default, making it harder for attackers to run malicious code. Data collected by the HP Threat Research team shows that from Q2 2022, attackers have been diversifying their techniques to find new ways to breach devices and steal data. Based on data from millions of endpoints running HP Wolf Security, the research found:

  • The rise of QR scan scams: Since October 2022, HP has seen almost daily QR code “scan scam” campaigns. These scams trick users into scanning QR codes from their PCs using their mobile devices – potentially to take advantage of weaker phishing protection and detection on such devices. QR codes direct users to malicious websites asking for credit and debit card details. Examples in Q4 included phishing campaigns masquerading as parcel delivery companies seeking payment.
  • HP noted a 38% rise in malicious PDF attachments: Recent attacks use embedded images that link to encrypted malicious ZIP files, bypassing web gateway scanners. The PDF instructions contain a password that the user is tricked into entering to unpack a ZIP file, deploying QakBot or IcedID malware to gain unauthorised access to systems, which are used as beachheads to deploy ransomware.
  • 42% of malware was delivered inside archive files like ZIP, RAR, and IMG: The popularity of archives has risen 20% since Q1 2022, as threat actors switch to scripts to run their payloads. This is compared to 38% of malware delivered through Office files such as Microsoft Word, Excel, and PowerPoint.

We have seen a rise in scan scams, malvertising, archives and PDF malware recently, and we would encourage everyone to look out for emails and websites that ask to scan QR codes and give up sensitive data, as well as PDF files linking to password-protected archives. Being aware of the signs to watch out for is the first line of defense when it comes to detecting and eliminating any breaches, it ensures these threat actors don’t gain access to sensitive data and move throughout systems,” explains Val Gabriel, Managing Director of HP Ireland.

In Q4, HP also found 24 popular software projects imitated in malvertising campaigns used to infect PCs with eight malware families – compared to just two similar campaigns in the previous year. The attacks rely on users clicking on search engine advertisements, which lead to malicious websites that look almost identical to the real websites.

While techniques evolve, threat actors still rely on social engineering to target users at the endpoint,” comments Dr. Ian Pratt, Global Head of Security for Personal Systems, HP Inc.

Organisations should deploy strong isolation to contain the most common attack vectors like email, web browsing and downloads. Combine this with credential protection solutions that warn or prevent users from entering sensitive details onto suspicious sites to greatly reduce the attack surface and improve an organisation’s security posture.”

HP Wolf Security runs risky tasks like opening email attachments, downloading files and clicking links in isolated, micro-virtual machines (micro-VMs) to protect users, capturing detailed traces of attempted infections. HP’s application isolation technology mitigates threats that might slip past other security tools and provides unique insights into novel intrusion techniques and threat actor behavior.

The full report can be found here: https://threatresearch.ext.hp.com/hp-wolf-security-threat-insights-report-q4-2022/

How to avoid getting scammed with cryptocurrency?

Scammers always try to steal your money, for which they keep on finding new ways all the time. The cryptocurrency industry is spread on a large scale, which has led to the development of frauds that have created a lot of opportunities for fraud. The past year has broken its records in terms of cryptocurrency crime. If you too are more interested in crypto, then it will be important for you to be aware of the many ways the risks are involved. Read on if you want to know more about crypto scams, how to prevent them, and how to avoid them. If you are looking for a safe and secure trading platform for Bitcoin, you may visit https://quantum-ai.trading/  which will make your trading journey hassle-free.

How to spot cryptocurrency scams?

Let’s first of all you should know how you can detect crypto scams:

 

  • Non-existent whitepaper: A cryptocurrency may have its whitepaper as this is one of the most important aspects whenever the initial coin is introduced. Through the whitepaper, we need to be clear about how the cryptocurrency is designed as well as how it works. If you don’t understand that white paper, you have to tread very carefully. 

 

  • Guaranteed Returns: If you make financial investments, they can never guarantee you returns for the future, because that investment can go down or up. If someone promises to offer crypto, then understand that it will be a risky way for you to earn money, in which only you will have to face loss. 

 

  • Anonymous Member: Many investments are made only with businesses, you may be able to trace who is behind them. This means that anyone looking to drive an investment can easily get an active social media presence. Even if you can’t find out who is running the system, you have to be very careful.

 

  • Excessive Marketing: All businesses that want to promote themselves. But at the same time, many people commit fraud with these digital currencies that it attracts – such as offline promotions, payment influencers, and online advertisements etc. It is intended to reach the greatest number of people in an amount of time and raise money quickly. Stop and do more study if you believe a cryptocurrency offering’s marketing is pushy or makes grandiose claims sans any evidence.

Cryptocurrency investment scams

 

  • Giveaway scam: This is a place where scammers promise to multiply the crypto sent, which is considered a form of giveaway scam. A sense of authenticity and urgency can be created with clever messaging that mimics a legit account on social media. Users may transfer money rapidly in the expectation of immediate rewards because they believe this occasion is a “once in a long life” occurrence.

 

  • Cloud mining scams — Cloud mining simply refers to those companies that allow you to rent mining hardware for a fixed fee that is considered part of the projected revenue. Theoretically, this would enable individuals to mine remotely sans having to invest in costly mining hardware. But a lot of cloud mining businesses are frauds or, at worst, unproductive, meaning you waste money or make less than they promise.

 

  • Phishing Scams — Phishing scams Crypto are scamming that purport to be related to your wallet online and that target your information. Your wallet i.e., private keys is targeted by scammers so that they can access your wallet and steal your funds. The same main way they work is that it can be similar to many phishing attacks and can also be related to fake websites. To entice readers to an especially designed website, they send an email asking for their private key data. The digital coin that is stored in those wallets is stolen once the hackers have access to this information.

 

Phishing emails revealed as biggest cybersecurity threat to SMEs but 50% don’t have security solution in place

A brand-new Cyber Security Pack has been created by Magnet+, Ireland’s largest connectivity network, to help Irish businesses protect themselves against the significant rise in phishing emails as well as other types of vulnerabilities, threats or breaches.

This new product was especially devised by Magnet+ and its security partner Exponential-e, following research conducted by the company which revealed that almost one in four businesses say that email attachments pose the greatest cyber security threat to their business. However, the survey also revealed that 50% of businesses have not implemented an email security solution to prevent this.

So, what does “Phishing” actually mean?

“Phishing” occurs when a cybercriminal impersonates a reputable business or person in an email or other form of communication such as SMS or direct message on social media. Phishing emails often contain malicious links or harmful attachments that can be used to steal confidential user data such as login credentials or credit card numbers. Opening an unknown and potentially unsafe email attachment can have a detrimental impact on any business – not only in terms of financial loss and loss of business, but also reputational damage.

How will the Magnet+ Cyber Security Pack help businesses?

One element of the new product involves engaging a simulated Email Phishing Campaign that will test employee’s security awareness and see if they open a phishing attachment or not. Results will be reported, highlighting any areas for improvement while follow-up training videos will also be offered to staff.

Other elements of the new Cyber Security Pack from Magnet+, which brings a unique mix of services together for the first time making it a beneficial tool if you are planning to invest in cyber security insurance include:

  • A monthly vulnerability scan which will identify weaknesses within your existing security systems by mimicking the actions of the most effective cybercriminals and offer advice on where your business should implement any extra required precautions.
  • A one-off three-day penetration test where intensive attempts are made to break through your cyber defences over a three-day period employing the same tactics used by attackers. This is crucial to identifying weak spots and gaps in your cyber security system already in place.
  • A one-off Cyber Essentials self-assessment which will act as a baseline certification for IT architects and consultants. Magnet+ help secure and protect what you value most 24/7, allowing you to focus on your core business services.

The new product currently being rolled out by Magnet+ is in partnership with international IT, communications and technology innovator Exponential-e.  Magnet+ customers can now be secure in the knowledge that as well as benefiting from world class technical expertise, their business will have the highest level of cyber security controls possible.

Criminals are using QR codes to scam people in restaurants!

There has been a massive increase in the use of QR code restaurant menus over the past two years, and now it seems criminals are using this development to scam innocent people out of their money and data.

According to TitanHQ, an Anti Phishing Platform based in Galway and with offices in Connecticut, almost 84% of smartphone users have scanned a QR code at least once, and over 34% scan a QR code once a week. Cybercriminals love popular technologies and focus on them to scam, hack, and cause malware infection.

This popularity has led to a rise in “QR code phishing” and in the US the FBI even issuing a warning about QR codes, highlighting their use for data phishing. Here is how hackers use QR codes to hack your network and how you can prevent it:

Types of QR Code Phishing Scams

QR codes work by embedding instructions into a black and white dot-based image. They work a little like the barcodes you see on food in a store. A smartphone camera, app, or QR code scanning device scans the QR code. The scan then translates the data into human-readable information.

QR codes usually contain web links or links to media such as videos or links to download an app. This use of links in a QR code provides a cybercriminal with the opportunity to perform phishing.

During the pandemic, many restaurants switched to using QR code menus and have kept them. With a smartphone you can easily access the menu removing the need for  paper menus. The customer simply scans the barcode using their phone’s camera app, and a link to the online menu becomes available.

With a QR code scam the scammer replaces the legitimate menu QR code with a malicious one. Instead of taking the customer to the restaurant website, the fake QR codes takes them to a fake website designed to mimic the real account and have the customer divulge personal data.

QR-Phishing

Quishing is a mashup of QR codes and email phishing. The fraudsters embed a malicious QR code into a legitimate-looking email. A recent example of a quishing attack was a Microsoft Office 365 phishing campaign that used QR codes to steal log-in credentials. Researchers identified spoof Office 365 emails that offered access to missed voicemail messages by scanning a QR code. Scanning the QR code took the user to a fake Office 365 page, which requested credentials to gain access to the message.

QR codes are also being used in various regular scam types, such as tax scams. The UK tax department, HMRC, recently added support for QR codes on their website. However, fraudsters have now used this new feature as a basis for a new QR code tax phishing scam. The spoof HMRC email asks the recipient to scan the code to pay overdue tax. The QR code takes the taxpayer to a spoof site where their financial information is then stolen.

QRL Jacking

This is an older version of the more recent Quishing scam, but one that has phishing implications. QR codes are very convenient for users, and some companies have extended this convenience to their log-in systems, where users scan a QR code to log-in to an account. In QRL Jacking, an attacker navigates to a legitimate site, initiating a session and generating the QR code to log in. The attackers then capture this QR code (for example, using screen scraping) and places this legitimate QR code on a spoof site.

The attacker then uses spear-phishing to target an individual, tricking them into going to the spoof site. The target then uses the captured QR code to log-in; this logs into the original session, thus logging the attacker into the legitimate account. This scam is more challenging to carry out as it is time-sensitive; however, it will be worth the effort if this is a high-value or sensitive account.

QR crypto scams

QR codes are often used to make it more convenient to download a legitimate app. However, they can be used to encourage people to download malicious apps, including crypto-wallets. For example, the QR crypto-quishing scam involves capturing persistent consent (prior authorization) to use the wallet; this allows the fraudster to drain the wallets of cryptocurrency.

Drive-by-QR Code Phishing

Drive-by-downloads of malware are one of the most insidious forms of malware infection. A person must land on an infected site, and a flaw in any software they use can open the door to malware infection. QR code phishers take advantage of drive-by-download opportunities by sending phishing emails with QR codes that take the recipient to an infected website: one scan of the code and their mobile device may become infected with a trojan.

Ways to Prevent QR Code Phishing:

QR codes are one method in a long line of phishers’ favorites. No matter what technology comes along, fraudsters will find a way to exploit it if it is popular. Moreover, a single-point solution cannot capture all possible cyber-attack scenarios. Clever attack chains require a creative response, comprising a mix of security awareness training with advanced AI-enabled spam and content filers.

  1. Know your stuff: Education is key, use behavior-based security awareness training to limit the risks. If you’re worried about your working information, ensure that you include QR code phishing templates in your simulated phishing exercises so employees understand what these phishing emails look like and the different methods used to steal credentials and other data.
  2. Use a DNS filter: This will break the phishing cycle by stopping users from navigating to a malicious website. The DNS filter creates a ‘blocklist’ of URLs, using a dynamic system based on a “threat corpora”, based on the data from millions of subscribers. These data are used to train Machine Learning algorithms. The result is that even emerging malicious URLs are spotted and added to the blocklist.
  3. Apply email filters: Email filters such as SpamTitan use multiple mechanisms to catch difficult-to-detect phishing messages. These mechanisms include advanced AI-based algorithms to spot difficult-to-detect spam.

The Top 5 Threats to Cyber Security

Regardless of whether you love, hate, or have mixed feelings about technology; you cannot doubt its impact on your daily life. The current digital world continues to expand as more people, businesses, and companies adopt remote working. However, as digital activity surges, the criminal desire to take advantage of modern technologies also increases, evidenced by advanced cyber security threats and a rise in digital crime.

In recent years, several major companies have fallen victim to various cybercrimes, ranging from phishing attacks to data breaches. Below are the five major common cyber threats to watch out for.

  1. Phishing Attacks

Phishing attacks are the most common and damaging cyber security threat facing small businesses. These attacks account for an estimated 90% of data breaches facing organizations and cost businesses up to $12 billion in losses. A phishing attack occurs when cyber criminals pretend to be trusted contacts and entice users to click malicious links or download malicious files that give them access to your computer or sensitive information.

Current phishing attacks are more sophisticated, as attackers devise new convincing ways of pretending to be your real business contacts. Phishing attacks are very damaging since they are difficult to combat. Unlike other threats that leverage technological weaknesses, these attacks target humans in a business through social engineering.

However, businesses can take some measures to mitigate these attacks. Using a reliable email security gateway, installing post-delivery protection, and training your employees on identifying phishing emails can reduce the risks of falling prey to phishing emails.

    2. Malware Attacks

Malware threats are the second serious cyber security threat facing both small and large businesses. Malware attacks include various cyber threats, such as viruses and Trojans, used by hackers to gain access to business networks, destroy or steal sensitive data. Malware attacks often stem from malicious downloads, connecting to insecure devices or networks, and spam emails.

Malware attacks have significant damaging effects on small businesses since they can cripple computers and other devices that require expensive repairs and replacements. Hackers also access sensitive customer data, putting your company at risk for legal issues. Fortunately, businesses can mitigate malware threats by installing strong and reliable technological defenses, such as Endpoint Protection, which protects devices from malicious downloads.

Taking advantage of the correct threat intelligence tools allows businesses to stay ahead of emerging threats, providing real-time insights into potential risks. These tools help identify vulnerabilities, enabling businesses to act quickly and prevent attacks before they cause major disruptions

     3. Ransomware

Ransomware is another common cyber threat affecting thousands of businesses every year. Unfortunately, they have grown to become one of the most lucrative executable attacks. Ransomware attacks have some similarities with malware attacks. With these threats, cybercriminals encrypt company data and demand a ransom or give conditions that should be met for the data to be unlocked.

Like other cyber security threats, small businesses are specifically targeted due to their average cyber security framework. Hackers also target small businesses because most of them haven’t backed up their data. So to say, 71% of Ransomware attacks in 2018 were directed to small businesses with ransom demands averaging at $116,000.

That said, businesses should adopt strong cyber security measures, such as Endpoint Protection, to mitigate these attacks. You should also back up company data in the cloud to avoid data loss.

    4. Insider Threats

Insider threats are a serious yet mostly overlooked cyber security threat by most companies. A Verizon analysis found that insider threats accounted for 25% of cyber threats in 2017. As the name suggests, these are risks caused by the actions of your employees, bitter former employees, or your business associates. Since these persons can access company information, greed or malice can steer them into causing disastrous actions.

These threats are a significant problem that can put your employees and customers at risk. It can also expose your company to hefty financial damage. While this cannot be prevented, you can reduce insider threats by developing a strong company culture within your business. You should also increase cyber security awareness since some insider threats are caused by employee ignorance or carelessness.

    5. Cloud Jacking

Cloud computing is a fast-rising trend that most companies have adopted for collaboration, communication, and storage. Unfortunately, while the cloud is deemed safe, this is not always the case. Cloud jacking occurs when cybercriminals infiltrate your cloud computing system. Once they access your business cloud, hackers can reconfigure your cloud code, eavesdrop on company communications, and conduct other damaging actions.

Most cybercriminals use information gained from cloud jacking to run other cyber threats, specifically phishing schemes. With the information gained from eavesdropping, they can create fake memos or instructions that appear to have been approved by the management, tricking employees into clicking or downloading malicious files. To stay safe, businesses should look into staying CMMC compliant, as the goal of your CMMC SSP is to provide a readable overview of your security requirements and the controls you have in place to meet those requirements to anyone looking into your cybersecurity posture.

Conclusion

While these five cyber threats aren’t everything that businesses face, they are arguably the most threatening. As cybercriminals increasingly become smarter and strategic, businesses should advance their cyber security measures. You should ensure that your organization has updated cyber security measures to protect your network and sensitive company data from vulnerabilities.

An Post or any couriers Phishing SMS/ email scams and how to check if legit. #SMS #Scam #Anpost

Recently there have been scams involving AnPost and others including DHL where they ask for small fee to get your parcel delivered, As said before this will not happen but the inclusion of what to look out for is lacking detail. Whilst they do have a warning on their site there is no information there as to what exactly to look out for should you end up getting this message.

Above is  what you need to look out for even if you click the link in the text it is again quite similar to the recent DHL scam which gives you a legit looking page to fill but but with the alpha tag on the sms and the URL on the pages linked it is clear this is another phishing attempt from scammers.

 

Below is video how to check if you have a package or not from An Post this also applies to any courier, go to the website copy and paste the tracking number and see if it exists also check 17track to see if the tracking number exists and if it is life just to be sure. With the pandemic people are now shopping online even more and often the case might forget they had a package coming, also a shipment might have been split or you could be getting a package as a gift and this is the basis these work on..

 

Bank of Ireland sms scam. Here is what to look for. #scams #phishing

It would be fair to say pretty much everyone has a pain in their backside with the scams that are going around now and there is plenty of them and it was only a matter of time before I got one of the latest banking scams and that landed this morning. Having a quick look into it there is several versions of the sms scam which comes up as BOI SUPPORT as the send which will be on top of your screen, if I get an sms from BOI it comes up as BOI and you should be aware of the identifier up on the top of your device and remove old messages if you have any as they can and do come up in the same thread and you might not stop and think about it, this happened me last year so it is something to take down and note.

Above is a sample of what I got and what you can expect to see land on your device so beware and delete and do not click on any links but for those that do (i do to check these things out). Anyway this is what to watch out for and just delete these from your device straight away.,. Check out more – bank of ireland security zone