Tag: #scam

Wave of ‘Hi Mam / Hi Dad..” and bank impersonation scam texts in circulation

Bank of Ireland is advising customers to be vigilant amid a notable rise in impersonation scams, including fake family text and bogus bank alerts.  Impersonation scams are one of the most common tactics used by fraudsters, with criminals posing as trusted contact, to prompt quick action. These scams arrive by text or via messaging apps and are designed to look familiar, urgent and may even be personalised.

The current wave of scams involves fraudsters pretending to be a family member with a damaged or lost phone, asking for the recipient to pay for something urgently.

The message typically begins with a seemingly innocent message such as ‘Hi Mam / Hi Dad, this is my new number….’ followed by a request asking for help to pay for something. In some cases, the fraudster will ask for a payment to be made to a specific bank account or in other cases ask for a card number and then set it up on a digital wallet e.g. Apple Pay or Google Pay (and ask Mam for the code that the bank just sent).

Fraudsters are also sending texts that closely mimic legitimate Bank of Ireland fraud‑alert messages, particularly those asking customers to confirm whether they recognise a recent card transaction. These scam texts are designed to look authentic, using similar wording and formats to real security messages. While Bank of Ireland may contact customers to verify transactions, genuine staff will never ask you to share your full card details, one-time passcodes or to move your money to keep it safe.

Nicola Sadlier, Head of Fraud at Bank of Ireland, said: “Smishing attempts tend to appear in waves, from motorway toll charges to government payment scams, but the goal remains the same – to get people to share their banking details or transfer money directly into the hands of fraudsters.

We have seen the “Hi Mam / Hi Dad…” texts before.  This is a case of fraudsters revisiting a tactic that has worked for them before, preying on a parents’ instinct to respond to a child in need. The sense of urgency in bank impersonation texts is designed to panic people into action to protect their money.

Although 70% of the Irish population are confident they can spot scams according to our latest research*, unfortunately people are still being caught out by these scams. 

Our advice is simple – always be on your guard, and pause.  Whether the message claims to be from your son, daughter, or your bank- always call back on a number that you already know. That one small step protects you and shuts down the scam instantly”.

Bank of Ireland’s guidance to help customers stay in control:

  • If you receive an unexpected message from a child or family member asking for help—do not reply and do not click any links.
  • Verify the sender by calling your family member on their usual number saved in your contacts.
  • TextChecker service – if you get a text that claims to be from Bank of Ireland but you are not sure if it’s genuine, here’s how to verify it:
    • Copy the text you wish to verify.digitPaste into a new message.
    • Add the word CHECK before the text. (In the same text)
    • Send to 50365.
  • If you receive a suspicious text, email a screenshot to 365Security@boi.com and then delete the message.
  • Bank of Ireland customers who believe they may have shared banking information should call the Bank of Ireland 24/7 Freephone line immediately.

Consumer Tech Traps: How Storage Scams Trick Users and How to Protect Your Devices

We’re all annoyed by storage alerts, but we still need them to keep our devices running smoothly. Smartphone and computer users see these notifications when space is running low. Most people quickly respond to avoid performance issues. This habit created an opportunity that scammers know how to exploit. 

One of the most common tactics is based on a fake “disk full” warning, which appears as a system-like notification or a browser pop-up. The alert imitates real operating system messages, so it’s difficult for most users to recognize it’s fake at first glance. If you engage, you’ll be redirected to a page that promotes a suspicious app presented as a quick fix.

These scams are designed to feel urgent and legitimate. The message pushes you to act immediately, warning you about potential data loss. To understand how storage scams trick users, you must recognize the subtle signs that show you’re not being offered a legitimate tool. Even cautious users can be misled into entering payment details, so everyone needs to improve their phishing awareness.

Why Storage Alerts Work as a Scamming Strategy

Storage warnings are designed to lead to immediate action. When a device is low on space, its performance degrades. Some apps may stop working properly, so the user feels they have to fix the issue as quickly as possible. This sense of urgency is exactly what makes the alerts effective, but also easy to imitate. 

Scammers take advantage of this user behavior. They create messages that look like official system notifications. The alerts copy the design, language, and structure of real operating systems, so they seem trustworthy at a glance. For users who aren’t deeply familiar with system settings, it’s not easy to distinguish between a legitimate and a fake warning. 

Real storage notifications come from system settings. Scam messages, on the other hand, are triggered through web browsers or redirects. Then how can they trick users? These fake messages are designed to look identical to system pop-ups. Many users never notice the difference. 

First Step to Protection: Learn How Storage Scams Trick Users 

When you understand how these fake alerts work, it will be easier for you to recognize them. Although the design varies, most of these scams follow a pattern. 

  • Fake system warning

The process starts with a pop-up or redirect that displays a message. It might be something like “Your disk is full” or “Storage critically low.” These alerts show up while browsing, clicking on ads, or visiting compromised websites. They look like system-level notifications, using familiar icons and phrases.  

  • Redirect to a fake solution

If you interact with the alert, you’ll be taken to a page that offers a quick fix. This may be shown as a cleaning tool or security utility. Yes; there are legitimate apps that can help you deal with storage. But they are never promoted through “low storage” alerts. Fake pages usually include progress bars, scan results, and warnings that make the situation seem serious. 

  • Installation or payment trap

At this stage, users are encouraged to download software or subscribe to a service. Sometimes the app is unnecessary, but harmless. But in some cases, it may track your activity or request payments for features that won’t solve any real issues. 

Trends and Statistics on Storage Scam Messages

Storage scams are a part of a general increase in online frauds. Recent data shows how quickly the problem is growing. According to the Federal Trade Commission, over $12.5 billion losses to fraud were reported in 2024. That’s a 25% increase compared to the previous year. A big part of these scams were through Internet services, and younger people reported losing money to fraud more frequently than older people.  

The FTC also reported that people lost $3 billion to online scams. We’re seeing a decline in frequency for the traditional methods, such as calls and emails. The fact that these scams are becoming more effective is concerning. Phishing and impersonation tactics are strong entry points. Scammers use believable messages that mimic trusted systems. 

Unfortunately, these scams are effective. The increase in the percentage of targets who lost money shows that the messages are convincing. Storage scams aren’t isolated incidents. They are a part of a larger system of phishing attacks that keep evolving. 

Signs of a Storage Scam

Raising awareness about the warning signs of storage scams is important for improving consumer tech security. These messages do look convincing, but there are a few clear indicators that something isn’t right:

  • The alerts look like system messages, but they appear in the browser. The real storage warnings come from your device’s operating system. They won’t show up from a web page or a pop-up. 
  • Aggressive and urgent prompts are always suspicious. Don’t trust messages like “immediate action required.” Their goal is to pressure you into clicking without thinking too much. 
  • Once you engage with the message, an unfamiliar app will be recommended. Real systems don’t push unknown software as a solution to storage issues. 
  • Fake tools produce too-good-to-be-true scan results. They claim to find dozens of issues in an instant, even before they perform a real scan. 
  • Unexpected redirects are a clear sign of a sign. If you’re taken to an external website that is nowhere near the official app store, don’t trust it. 
  • Any demand for payments or sensitive data is suspicious. 

Being able to recognize the signs of an online scam is the only way to reduce the risks. Stay alert and follow basic security practices, so you’ll avoid falling for these threats. 

Think Before You Scan: That QR Code May Be a Scam

In quishing attacks, cybercriminals place QR codes containing malicious links in public places, such as parking meters or restaurants, or send these QR codes via email. Such attacks can result in financial losses, stolen personal data, or compromised device, cybersecurity experts warn.

January XX, 2026. At the start of January, the US Federal Bureau of Investigation (FBI) issued a warning against cyber attacks organised by North Korean cybercriminals who used fake QR codes to trick users into obtaining personal information. According to cybersecurity experts, similar attacks, also known as “quishing”, are on the rise not only in the US but in other countries, as cybercriminals look for new ways to profit.

Quishg (QR code phishing) is a phishing technique where cybercriminals try to trick users into scanning QR codes that lead to malicious websites. Organisations in several countries have issued warnings that bad actors place these QR codes on top of legitimate ones in public places such as kiosks, restaurants, or parking meters.

For example, last year, UK government institutions have warned users of fake QR stickers on parking machines, with victims being sent to spoofed payment pages. Meanwhile, the US Federal Trade Commission issued a similar warning about unexpected packages containing QR codes that led to phishing websites.

Such fake QR codes can also be shared online. For example, the FBI said that a North Korean state-sponsored cybercriminal group, called Kimusky, targeted employees of organizations by embedding malicious QR codes in an email. In one such instance, a QR code was presented as a way to download additional information.

According to cybersecurity experts at Planet VPN, a free virtual private network (VPN) provider, no matter where a fake QR code is placed, the scheme is similar. After scanning it, a user is often forwarded to a fake phishing website mimicking a legitimate one, such as a restaurant’s website, where cybercriminals may try to charge a user’s credit card.

According to Konstantin Levinzon, co-founder of Planet VPN, such scams can lead not only to financial losses but also to compromised devices.

“Quishing is phishing–just in a different wrapper. A QR code can lower people’s guard because this technology became ubiquitous only during the pandemic, and the threat still isn’t as widely recognized. It also shifts the “risky click” from a visible link to a quick scan, making the danger easier to miss. Attackers are refining these tactics every year and constantly finding new ways to trick users,” he says.

According to Levinzon, one reason why cybercriminals may favour QR codes in emails instead of regular phishing emails is that QR codes often bypass anti-phishing and scam filters, because these often analyze only text and links, but don’t analyze images.

And even if anti-spam filters in emails are equipped with QR code detection, cybercriminals often find new ways to bypass them, for example, by making QR codes in different colors.

Cybersecurity researchers at Proofpoint estimate that during the first half of last year, there were 4,2 million QR code-related threats. However, Levinzon says that the number is likely higher because many QR code scams are undetected.

When it comes to protecting against the growing threat, users are advised to be more deliberate about when and why they scan a QR code. If after scanning a QR code, a person is forwarded to a website that asks for payment or log-in details, this is a real warning sign.

Meanwhile, if a QR code is sent from an unknown sender via email, Levinzon advises contacting the sender directly before entering login credentials or downloading files.

“We recommend applying the same logic everywhere: stay skeptical whether you receive a message from a coworker or on your personal social media account. However, vigilance is only part of the story. To maximize security, users also need basic safeguards – use a VPN on public Wi-Fi, install updates promptly, use strong passwords, and enable multi-factor authentication on all accounts,” he says.

 

 

Dublin County Sheriff Seizure notice postal scam

There is not a day that goes by without some scam or another be it text or email from utulity providers or packages being delivered requesting money and these are non stop all year round. This one is a new one from the Dublin County Sheriff

This scam however is a new one and in my local facebook group a reader posted up a letter claiming to be from the revenue but this came in the post but there is several tel tale signs but it caused a bit of a stir on the group and rightly so.

The letter itself has all the headings similar to what you would get and two big red text sections saying SEIZURE PENDING and FINAL notice. After some investigating myself speaking to the person on the page and looking into the matter it turns out to be a scam as the Gardai have been contacted and also say it is a fake.

The website itself alone looks ropey and all the details match the letter so be carefull as there is two of them now online

This is the other one online and fake

The details below match however there is clues

You can contact us using any of the following methods:

Phone: 01 8603077

Emailinfo@dublincountysheriff.com

PostFergus Gallagher, Dublin County Sheriff, Unit 17, Tolka Valley Business Park, Ballyboggan Road, Dublin 11

 

Here is the letter below and what to watch out for just in case you get one in the post

Bank of Ireland warns customers of ads impersonating well-known retailers

Bank of Ireland is warning customers about social media advertisements currently in circulation which are impersonating well-known retailers offering deals and bargains.

With online shopping at its peak during the holidays, fraudsters are increasingly targeting consumers through scam social media advertisements. These ads often impersonate well-known retailers, luring shoppers with fake offers and directing them to counterfeit websites designed to steal personal and financial information.

The Bank is also reminding customers that its dedicated fraud support team is available 24 hours a day, seven days a week throughout Christmas and New Year. Last year Bank of Ireland’s fraud prevention team received over 10,000 calls from customers during the peak holiday period (23 December to 29 December), with 550 calls on Christmas day alone.

Key advice for consumers:

  • Be cautious of social media ads that look too good to be true.
  • Always verify that you are shopping on the official website of a retailer.
  • Avoid clicking on links in unsolicited messages or posts – go to the retailer’s website for offers.
  • If you suspect fraud, contact Bank of Ireland immediately.

Nicola Sadlier, Head of Fraud, Bank of Ireland said: “Christmas should be a time of joy, not worry. Unfortunately, fraudsters see this season as an opportunity to exploit consumers, and we’re seeing many fake adverts currently which are impersonating well known retailers. Our fraud team is working around the clock, even over the Christmas and New Year period, to support customers. If something feels suspicious, trust your instincts and reach out to us straight away.”

Bank of Ireland customers can call the fraud team 24/7 on Freephone 1800 946 764.

Finnish innovation stops scam calls – Rest of Europe is following

Scam calls cause up to €850 million in losses worldwide every year, but in Finland, this tool used by criminals has been practically defeated. At the end of November, the action Finland has taken to reduce scam calls will be competing for the European Crime Prevention Award, and Europol is highlighting it as a model case.

Elisa was the world’s first operator to develop a technical method to identify and block caller ID spoofing. As a result, criminals have no longer been able to use Finnish phone numbers in their scams. In 2023, the Finnish Transport and Communications Agency (Traficom) mandated that a scam call blocking solution based on Elisa’s innovation be implemented nationwide in Finland. Since then, a type of scam known as a “technical support scam” coming from abroad has been virtually eliminated in Finland. Elisa alone has blocked nearly 26 million scam calls since 2021. Elisa’s solution was granted a patent in Finland in 2023, and in November 2025, it was also patented in Europe.

“Our employees developed the solution themselves, and we deployed it in our network back in 2021. This solution has allowed us to eliminate the majority of scam calls received by our customers. Criminals’ profits in Finland have dropped from €7 million a year to just a few thousand, meaning Elisa’s actions have already made Finland an unprofitable target for criminals. In 2023, other operators also adopted the solution following Traficom’s decision”, says Karri Jäkkö, Director of Elisa’s Cybersecurity and Service Management Center.

Now this scam call blocking solution has been nominated for the prestigious European Crime Prevention Award. The prize will be awarded on 28 November as part of the EUCPN Best Practice Conference. At the end of September, Elisa and Traficom’s efforts to reduce scam calls also won Rikoksentorjuntakilpailu, a crime prevention competition held in Finland.

From the Finnish model to an international example
Caller ID spoofing remains a tool for criminals elsewhere in Europe: Scam calls are a significant problem, causing an estimated €850 million in losses worldwide annually, according to Europol.

In October, Europol published a report calling for action at EU level: unified technical standards, closer cross-border cooperation, and harmonised regulation to prevent scam calls and hold criminals accountable. The Finnish model is mentioned as a good example. Foreign operators are also actively seeking ways to block scam calls and are interested in the success of the measures adopted in Finland.

“Finland has succeeded in creating a model that effectively protects consumers and prevents criminals from making scam calls from disguised numbers. It’s great to see that this is also attracting international interest. Preventing scams is an arms race between us and the criminals, so we are constantly developing new solutions as well”, says Jäkkö.

In addition to blocking scam calls, Elisa has developed a solution to block calls from unknown foreign numbers. Scam text messages can also be tackled with a solution jointly developed by Traficom and operators.

Elisa’s actions to reduce scams in Finland

  • 2020 – Prevention of “wangiri” scam calls:
    Elisa can identify and block commonly known wangiri numbers (a scam involving missed calls to prompt a costly callback) as well as potential new numbers and prevent the number from being displayed, so the victim cannot call the attacker’s line back.
  • 2021 – Elisa develops solution to block number spoofing:
    Elisa creates a solution that blocks number spoofing, i.e. falsifying Finnish phone numbers and using them in scam calls.
  • 2023 – Nationwide implementation of the number spoofing blocking solution:
    The solution for blocking number spoofing is adopted nationwide by order of Traficom.
  • 2024 – Tackling scam text messages:
    If an organisation has registered their sender name with Traficom, Elisa can block scam messages claiming to be sent by that organisation. For example, the Finnish Tax Administration is one of those who have registered their sender ID, so scam messages claiming to be from the tax authorities will not get delivered.
  • May 2025 – Basic security features for consumer mobile subscriptions:
    Elisa introduces default basic features for consumer mobile subscriptions that protect people using the internet on their mobile phone. These include a secure authentication service (mobile certificate), malicious website blocking and monitoring for data breaches.
  • July 2025 – Ability to block calls from abroad entirely:
    Elisa adds the possibility to completely block incoming calls from abroad using its patented solution.

Ireland puts pressure on Big Tech to tackle surge in online financial ad scams

Online financial scams are accumulating a substantial toll within the European Union, as consumers continue to be defrauded at an estimated €4.3 billion in 2022, and similar trends continuing in the year after. 

Sophisticated yet misleading advertisements have been pushed across major social media and technology platforms have become a primary conduit for these fraudulent activities.

Ireland’s stand: A push for pre-emptive action from tech giants

In response to the escalating threat, Ireland is spearheading an important initiative within the EU that proposes a rule change that would force Big Tech companies to vet financial advertisers before their advertisements are published. 

At the core of this Irish amendment, which would add to the already extensive payment services regulation, is to mandate that only financial service providers (who are officially registered with national competent authorities) would be permitted to run financial ads within the EU. 

Such a proactive stance is designed to shift the onus of initial verification onto the platforms themselves, in part because those with the broadest shoulders should bear the greatest burden. Though, the crux of the debate is simply that if a platform “airs” an ad, they should be responsible for it. 

The debate has similarities to the debate of whether web hosting providers, particularly cheap and accessible providers like IONOS, should be responsible for the sites that they host. The proposal has gained a lot of eyes, and traction, with around half of EU member states reportedly expressing support. Though, figures like US President Donald Trump have previously advocated for scaling back the regulation of major American technology firms, so this could further stoke the fire of what appears to be the EU and US going head to head.

Digital Services Act and internal conflict 

Ireland may well face internal conflict too, as a big challenge to the proposal lies in its potential conflict with the EU’s landmark Digital Services Act (DSA). Several EU diplomats have indicated that the European Commission sees a requirement for Big Tech to pre-vet online advertisers as contravening the DSA provisions, which generally don’t force platforms to conduct broad-based, proactive monitoring of content. Of course, broadly speaking, the mood around this topic might be changing, and Irish MEP Regina Doherty has countered that the requirement can be structured to align with existing law. Doherty claims it could focus on verifying the advertiser’s authorised status rather than policing the specific content of each ad, a little bit like how one must be FCA authorised to conduct crypto ads in the UK now. 

Alternative suggestions also exist, like Poland’s proposal for streamlined communication between payment providers and platforms to facilitate post-fraud content removal. Though, this is deemed insufficient by industry critics who argue this reactive approach fails to address the speed and impact of initial fraudulent postings. 

Supporting the need for more proactive urgency, the Bank of Ireland claimed that over 75% of its customers’ fraud losses during the past year come from investment scams, of which many are promoted online.

Creating a safer digital financial ecosystem

The growing crisis of online financial ad scams highlights that something needs to be done, and as is often the case, the EU is where it is most likely to happen. As Ireland pushes for this proactive amendment, we are yet to see how not only internal disagreements play out, but also how US Big Tech reacts to their ongoing battles with the EU.

SIM swapping: when your cell phone number is used for fraud

SIM swapping is a type of fraud in which criminals take control of a cell phone’s SIM card. Find out here what the consequences can be and how you can protect yourself.

In SIM swapping, criminals manipulate mobile phone providers to transfer the victim’s phone number to a SIM card that is in the possession of the fraudsters. In this way, you yourself are locked out of your cell phone and no longer have access to your own data. You will lose passwords as well as your saved performance at National Casino Ireland.

Access to your smartphone allows criminals to receive calls and messages from the victim and often bypass the two-factor authentication that many online services use to protect accounts.

SIM swapping: how the scam works

The SIM swapping process can take place in several steps, as the North Rhine-Westphalia police explain:

Obtaining information: criminals collect personal information about the victim, for example through data leaks, phishing, social engineering or buying data on the dark web.

Contacting the mobile phone provider: Using the information collected, the fraudsters contact the victim’s mobile phone provider and pretend to be them. For example, they claim to have lost their SIM card or that it is damaged and ask for the number to be transferred to a new SIM card.

Overcome verification: Accounts with mobile phone providers are often protected with two-factor authentication. This means, for example, that the mobile phone provider will send you a code via text message that you have to enter to confirm your identity. Fraudsters often try to circumvent this authentication by calling you and pretending to be a trustworthy institution. For example, they might introduce themselves as a parcel delivery service and say they need the code sent to them to deliver a parcel. If you tell them the code, they will give it to the mobile phone provider and can then proceed with the SIM swapping.

Number transfer: If the scam is successful, the victim’s phone number is transferred to the scammer’s SIM card. From this moment on, they can receive calls and messages from the victim.

Consequences of SIM swapping

SIM swapping means you lose access to your cell phone. SIM swapping can be devastating for those affected. Once fraudsters have access to the mobile account, they can use the data to gain access to other accounts. The consequences of SIM swapping therefore include

  • Financial loss: Fraudsters can access bank accounts, make bank transfers or steal credit card information.
  • Identity theft: With control of the phone number, criminals can steal more personal information and take over the victim’s identity.
  • Loss of access: Victims can lose access to their email accounts, social media and other online services that are protected by the phone number.

How to protect yourself from the scam

To protect yourself from SIM swapping, you can take the following preventative measures:

 

  • Be careful with your own data and don’t give it out carelessly over the phone or by email.
  • Make sure you publish as little personal data as possible, for example on social media or in Telegram channels. You should be particularly careful with your cell phone number.
  • If possible, use an antivirus program on your smartphone.
  • Do not download any data from unknown or insecure sources.
  • Use strong, unique passwords for your accounts and activate two-factor authentication (2FA), ideally via authentication apps instead of text messages.
  • Choose security questions and answers that are difficult to guess and cannot be derived from publicly available information.

If you have already fallen victim to SIM swapping, you should take the following steps:

Check all your relevant accounts and change your access data.

Inform your mobile phone provider about the fraud and all other account providers that the fraudsters are likely to be able to access (e.g. your bank). File a criminal complaint.