J&C has received copies of phising e-mails, which have been sent to BCEL customers in an attempt to gather personal and financial information from the account holder.

The e-mails, with subject: “Your account will be closed – NOTICE” read as following: ” Dear customer, your account has been revoked and temporarily suspended for verfication purpose. You are required to ACTIVATE this account now to avoid a total suspension. Please note that you have received this message because your account was auto marked for additional verification ! BCEL INTERNET BANKING © 2013., BANQUE POUR LE COMMERCE EXTERIEUR LAO PUBLIC. ”

Further a link is provided, where the account holder is requested to provide his personal information.

In general, the number and sophistication of phishing scams sent out to consumers is continuing to increase dramatically. Phishing is an e-mail fraud method in which the perpetrator sends out legitimate-looking email in an attempt to gather personal and financial information from recipients. Typically, the messages appear to come from well known and trustworthy Web sites. A phishing expedition, like the fishing expedition it’s named for, is a speculative venture: the phisher puts the lure hoping to fool at least a few of the prey that encounter the bait.

How to Avoid Phishing Scams

The number and sophistication of phishing scams sent out to consumers is continuing to increase dramatically. While online banking and e-commerce is very safe, as a general rule you should be careful about giving out your personal financial information over the Internet. The Anti-Phishing Working Group has compiled a list of recommendations below that you can use to avoid becoming a victim of these scams.

Be suspicious of any email with urgent requests for personal financial information

• unless the email is digitally signed, you can’t be sure it wasn’t forged or ‘spoofed’
• phishers typically include upsetting or exciting (but false) statements in their emails to get people to react immediately
• they typically ask for information such as user names, passwords, credit card numbers, social security numbers, date of birth, etc.
• phisher emails are typically NOT personalized, but they can be. Valid messages from your bank or e-commerce company generally are personalized, but always call to check if you are unsure

Don’t use the links in an email, instant message, or chat to get to any web page if you suspect the message might not be authentic or you don’t know the sender or user’s handle

• instead, call the company on the telephone, or log onto the website directly by typing in the Web address in your browser

Avoid filling out forms in email messages that ask for personal financial information

• you should only communicate information such as credit card numbers or account information via a secure website or the telephone

Always ensure that you’re using a secure website when submitting credit card or other sensitive information via your Web browser

• Phishers are now able to ‘spoof,’ or forge BOTH the “https://” that you normally see when you’re on a secure Web server AND a legitimate-looking address. You may even see both in the link of a scam email. Again, make it a habit to enter the address of any banking, shopping, auction, or financial transaction website yourself and not depend on displayed links.
• Phishers may also forge the yellow lock you would normally see near the bottom of your screen on a secure site. The lock has usually been considered as another indicator that you are on a ‘safe’ site. The lock, when double-clicked, displays the security certificate for the site. If you get any warnings displayed that the address of the site you have displayed does NOT match the certificate, do not continue.

Remember not all scam sites will try to show the “https://” and/or the security lock. Get in the habit of looking at the address line, too. Were you directed to PayPal? Does the address line display something different like “hxxp://www.gotyouscammed.com/paypal/login.htm?” Be aware of where you are going.