Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Suspecicious 'unusual activity' sms

  • 20-04-2020 12:03pm
    #1
    Registered Users, Registered Users 2 Posts: 4,325 ✭✭✭


    Hi just to make you (all) aware, I received an SMS to my inbox that (seems to be at least) the usual channel for BOI updates, payee's, fee's, terms & conditions update etc stating:

    "Your BOI online access is disabled by unusual activity. To restore your account, follow the steps on the link:
    www-365online.com
    
    "

    message received 20/04/20 @11.44am

    The wording is somewhat suspicious to me any 'disabled by' does not seem like appropriate grammar.

    Needless to say, I have not follow any steps or clicked into the link in the sms. But I tried to input the address in a browser and this warns about fraudulent website.

    My account is not locked either so it is safe to say this is a fraudulent message, though it does come trough on the usual BOI update service so I may be prudent to push a message to this service to reemphasise how BOI deals with this type of phishing.


Comments

  • Closed Accounts Posts: 487 ✭✭Bank of Ireland: Aisling


    Hi There, 

    Thanks for checking in with us here on Boards.ie. 

    We are aware of a fraudulent SMS that is circulating at the moment. If you could please delete the message and do not follow any links or reply. Bank of Ireland will never contact you asking for any of your account or online banking information.
     
    I have attached a link here to the Security Zone on the Bank of Ireland website which has a little more information on Phishing.

     
    Thanks, Aisling


  • Registered Users, Registered Users 2 Posts: 4,325 ✭✭✭iLikeWaffles


    Hi just to make you (all) aware, I received an SMS to my inbox that (seems to be at least) the usual channel for BOI updates, payee's, fee's, terms & conditions update etc stating:

    "Your BOI online access is disabled by unusual activity. To restore your account, follow the steps on the link:
    www-365online.com
    
    "

    message received 20/04/20 @11.44am

    The wording is somewhat suspicious to me any 'disabled by' does not seem like appropriate grammar.

    Needless to say, I have not follow any steps or clicked into the link in the sms. But I tried to input the address in a browser and this warns about fraudulent website.

    My account is not locked either so it is safe to say this is a fraudulent message, though it does come trough on the usual BOI update service so I may be prudent to push a message to this service to reemphasise how BOI deals with this type of phishing.
    Perhaps you have not read this part?!


  • Closed Accounts Posts: 483 ✭✭Bank of Ireland: Richard F


    Hi there,

    Thanks for getting back to us.

    We understand your concern with the text appearing beside genuine Bank of Ireland texts but unfortunately, it is quite easy for fraudsters to do this. If they use a sender ID of 'BOI', your phone assumes the text is coming from the same place that used that ID before. The fraudsters do this obviously to make their text look genuine.

    We hope this helps.

    Many thanks,
    Richard


  • Registered Users, Registered Users 2 Posts: 4,325 ✭✭✭iLikeWaffles


    Hi there,

    Thanks for getting back to us.

    We understand your concern with the text appearing beside genuine Bank of Ireland texts but unfortunately, it is quite easy for fraudsters to do this. If they use a sender ID of 'BOI', your phone assumes the text is coming from the same place that used that ID before. The fraudsters do this obviously to make their text look genuine.

    We hope this helps.

    Many thanks,
    Richard
    I know this, allow me to make it abundantly clear. Other people will not know this and believe it comes in from Bank of Ireland and follow the link. A followup message to the service from BOI is all that is needed to state Bank of Ireland will never issue an sms asking to input details through links, is all that is needed. The source of the fraud is coming through the sms service, users will not see the statement unless they visit the security page that has been linked in this thread.


  • Closed Accounts Posts: 1,060 ✭✭✭Bank of Ireland: Alison


    Hi There,

    Thanks for coming back to us on this.

    We appreciate the time taken to share your suggestions with us.  We understand your concerns and will certainly forward these to our Fraud Team.


    Many thanks
    Alison


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 5,933 ✭✭✭daheff


    I received a text today too apparently from BOI

    Due to recent updates
    ALL users are required to verify their accounts:
    https://365onlineupdatesboi.com , failure may lead to suspension of your online account


    I'm not a BOI user, network is 3. 2nd such phishing attempt in 2 days (other was telling me office365 is expiring).


  • Closed Accounts Posts: 2,346 ✭✭✭Bank of Ireland: Tara


    daheff wrote: »
    I received a text today too apparently from BOI

    Due to recent updates
    ALL users are required to verify their accounts:
    https://365onlineupdatesboi.com , failure may lead to suspension of your online account


    I'm not a BOI user, network is 3. 2nd such phishing attempt in 2 days (other was telling me office365 is expiring).
    Hi daheff, 

    Thanks for the information we’ll forward this on to our security team. 

    Take care, 
    Tara


  • Registered Users, Registered Users 2 Posts: 2,402 ✭✭✭Westernyelp


    The posters point above is very important. this SMS comes through on the same channel as genuine messages from BOI. this needs to be flagged on that SMS number by BOI or are we to assume that that channel of communication is now compromised and should be ignored in future?


  • Closed Accounts Posts: 2,346 ✭✭✭Bank of Ireland: Tara


    The posters point above is very important. this SMS comes through on the same channel as genuine messages from BOI. this needs to be flagged on that SMS number by BOI or are we to assume that that channel of communication is now compromised and should be ignored in future?
    Hi Westernyelp, 

    Thanks for your post. 

    We completely understand your concern. Our SMS channel has not been compromised and my colleague has explained above how these appear within the same thread as our text messages. 

    Fraudulent texts are sent in batches over a few days. They are being received by our customers and people who don’t bank with us and unfortunately, we have no way of knowing that a customer/person has received one. We also have to be mindful of how often we issue texts to customers. 

    Please be assured our security team investigate these sites as soon as they become aware of them and we have Fraud Alert messaging on our customer log in screens on the app and website. 

    Thanks again, 
    Tara


  • Registered Users, Registered Users 2 Posts: 5,933 ✭✭✭daheff


    Hi Tara

    I think the problem is that the SMS are coming in from a sender named BOI. While I fully understand that anybody with the correct software can spoof a SMS like this, not all customers do.

    It would be better if BOI displayed their sender number that could be verified by a customer rather than a customer hope that a SMS is legitimate.


  • Advertisement
  • Closed Accounts Posts: 2,346 ✭✭✭Bank of Ireland: Tara


    daheff wrote: »
    Hi Tara

    I think the problem is that the SMS are coming in from a sender named BOI. While I fully understand that anybody with the correct software can spoof a SMS like this, not all customers do.

    It would be better if BOI displayed their sender number that could be verified by a customer rather than a customer hope that a SMS is legitimate.
    Hi daheff, 

    Thanks for clarifying and we’ll ensure to pass this on as a suggestion. 

    Cheers 
    Tara


  • Registered Users, Registered Users 2 Posts: 4,325 ✭✭✭iLikeWaffles


    The posters point above is very important. this SMS comes through on the same channel as genuine messages from BOI. this needs to be flagged on that SMS number by BOI or are we to assume that that channel of communication is now compromised and should be ignored in future?
    Hi Westernyelp, 

    Thanks for your post. 

    We completely understand your concern. Our SMS channel has not been compromised and my colleague has explained above how these appear within the same thread as our text messages. 

    Fraudulent texts are sent in batches over a few days. They are being received by our customers and people who don’t bank with us and unfortunately, we have no way of knowing that a customer/person has received one. We also have to be mindful of how often we issue texts to customers. 

    Please be assured our security team investigate these sites as soon as they become aware of them and we have Fraud Alert messaging on our customer log in screens on the app and website. 

    Thanks again, 
    Tara
    You also have no way for the customer/person to report it from the channel they receive the text from! There also does not seem to be a way to stop getting these text from BOI. So how do I stop receiving these updates to stop receiving the fraudulent sms coming through on the official point of contact about my online banking account?

    The sender ID has been compromised, however easy it is for fraudsters to do this, BOI is fully aware of it. It begs the question why is BOI not doing anything to fix the issue which reiterates peoples awareness about fraud and that addresses the most people at once. The most logical thing to do when an ID is compromised, by someone cloning it to appear to be official, is change the ID.

    It is extremely clear to me anyway that the sms was fraudulent other people do not have this luxury. Vulnerable people here are most of your customers. From my own experience you are way more susceptible to fraud when you are stressed, distracted by an emotional distress or not thinking clearly (there are many many other psychological factors but these are the main ones) now can you say with absolute certainty that non of the above will apply to the vast majority of BOI customers and non BOI customers at this moment in time and in the next 3+ months?

    Which is why I suggested that BOI do more to reassure and reinforce peoples common sense with issues of security with a simple sms through the very same flawed service which is susceptible to fraud.


  • Closed Accounts Posts: 2,346 ✭✭✭Bank of Ireland: Tara


    The posters point above is very important. this SMS comes through on the same channel as genuine messages from BOI. this needs to be flagged on that SMS number by BOI or are we to assume that that channel of communication is now compromised and should be ignored in future?
    Hi Westernyelp, 

    Thanks for your post. 

    We completely understand your concern. Our SMS channel has not been compromised and my colleague has explained above how these appear within the same thread as our text messages. 

    Fraudulent texts are sent in batches over a few days. They are being received by our customers and people who don’t bank with us and unfortunately, we have no way of knowing that a customer/person has received one. We also have to be mindful of how often we issue texts to customers. 

    Please be assured our security team investigate these sites as soon as they become aware of them and we have Fraud Alert messaging on our customer log in screens on the app and website. 

    Thanks again, 
    Tara
    You also have no way for the customer/person to report it from the channel they receive the text from! There also does not seem to be a way to stop getting these text from BOI. So how do I stop receiving these updates to stop receiving the fraudulent sms coming through on the official point of contact about my online banking account?

    The sender ID has been compromised, however easy it is for fraudsters to do this, BOI is fully aware of it. It begs the question why is BOI not doing anything to fix the issue which reiterates peoples awareness about fraud and that addresses the most people at once. The most logical thing to do when an ID is compromised, by someone cloning it to appear to be official, is change the ID.

    It is extremely clear to me anyway that the sms was fraudulent other people do not have this luxury. Vulnerable people here are most of your customers. From my own experience you are way more susceptible to fraud when you are stressed, distracted by an emotional distress or not thinking clearly (there are many many other psychological factors but these are the main ones) now can you say with absolute certainty that non of the above will apply to the vast majority of BOI customers and non BOI customers at this moment in time and in the next 3+ months?

    Which is why I suggested that BOI do more to reassure and reinforce peoples common sense with issues of security with a simple sms through the very same flawed service which is susceptible to fraud.
    Hi there, 

    We’re sorry you feel this way and would like to reassure the security of our customers accounts is extremely important to us. 

    We have a dedicated security team who investigate these types of messages and arrange to have the sites closed down. Anyone who receives a message claiming to be from us can forward it to the team at 365security@boi.com. Some mobile providers also give the option to report phishing. The security team collaborate with Fraud Smart and other banks to combat fraud and to share best practices. 
       
    We advise all our customers that we won’t send emails or texts requesting their security information. This is advised on our website, mobile app and 365 Online log in screens and when the customer is being registered for online/phone banking. We also issue regular alerts via our social media channels. 

    Thanks 
    Tara


  • Registered Users, Registered Users 2 Posts: 1 leeemy


    Hi, 

    I am very concerned re the number of Fraudulant phish Text messages myself, friends and family are receiving pretending to be Bank of Ireland.

    Have bank of Irelands systems or database been breached? If so why wasn't this reported and released?

    The fact that it only appears to be Bank of Ireland customers that are receiving these scam messages leads me to believe that Bank of Irelands customer base was breached? It only appears to be BOI customers that are receiving these messages - if this was a spray and pray approach from cyber-criminals then all other bank users would receive these BOI scams. The fact it only appears to be BOI customers getting these scams is quite concerning,

    Also - One of these scam messages came from a number that i typically receive genuine messages from BOI, the fact this was a boi number i trusted and was in same message thread from BOI geniune messages to me is really concerning and i believe it signals that perhaps your systems or customer database was breached.

    Can you please advise - how a scam phish was sent to me from the BOI system - also would appreciate  a bit of clarity and insight as to perhaps why only BOI customers appear to be targeted. Appreciate the fact if a cyber criminal sends 1000 random people a boi message there is a high chance up to 30% of these are in fact boi customers, but the limited data i have from friends family and colleagues all suggest only genuine boi customers are receiving these messaged. 


  • Closed Accounts Posts: 2,346 ✭✭✭Bank of Ireland: Tara


    leeemy wrote: »
    Hi, 

    I am very concerned re the number of Fraudulant phish Text messages myself, friends and family are receiving pretending to be Bank of Ireland.

    Have bank of Irelands systems or database been breached? If so why wasn't this reported and released?

    The fact that it only appears to be Bank of Ireland customers that are receiving these scam messages leads me to believe that Bank of Irelands customer base was breached? It only appears to be BOI customers that are receiving these messages - if this was a spray and pray approach from cyber-criminals then all other bank users would receive these BOI scams. The fact it only appears to be BOI customers getting these scams is quite concerning,

    Also - One of these scam messages came from a number that i typically receive genuine messages from BOI, the fact this was a boi number i trusted and was in same message thread from BOI geniune messages to me is really concerning and i believe it signals that perhaps your systems or customer database was breached.

    Can you please advise - how a scam phish was sent to me from the BOI system - also would appreciate  a bit of clarity and insight as to perhaps why only BOI customers appear to be targeted. Appreciate the fact if a cyber criminal sends 1000 random people a boi message there is a high chance up to 30% of these are in fact boi customers, but the limited data i have from friends family and colleagues all suggest only genuine boi customers are receiving these messaged. 
    Hi there, 

    Thanks for your post and welcome to Boards.ie. 

    Firstly, we would like to reassure you that our systems have not been compromised. As you will see from other posts on this thread these texts are also being received from people who don’t bank with us. We are also receiving reports on our social media channels from many people who are not customers.  Fraudsters will usually pretend to be from a large company or government department like the Revenue as there is a higher chance that they’ll catch somebody out. 

    We completely understand your concerns with the texts appearing beside genuine BOI texts however, as explained above, it is quite easy for fraudsters to do this. If they use a sender ID of BOI your phone assumes the text is coming from the same place that used the ID before.

    If you should receive further texts or emails claiming to be from Bank of Ireland please forward to 365security@boi.com and our security team will investigate immediately. 

    Thanks 
    Tara


  • Registered Users, Registered Users 2 Posts: 4,325 ✭✭✭iLikeWaffles


    The posters point above is very important. this SMS comes through on the same channel as genuine messages from BOI. this needs to be flagged on that SMS number by BOI or are we to assume that that channel of communication is now compromised and should be ignored in future?
    Hi Westernyelp, 

    Thanks for your post. 

    We completely understand your concern. Our SMS channel has not been compromised and my colleague has explained above how these appear within the same thread as our text messages. 

    Fraudulent texts are sent in batches over a few days. They are being received by our customers and people who don’t bank with us and unfortunately, we have no way of knowing that a customer/person has received one. We also have to be mindful of how often we issue texts to customers. 

    Please be assured our security team investigate these sites as soon as they become aware of them and we have Fraud Alert messaging on our customer log in screens on the app and website. 

    Thanks again, 
    Tara
    You also have no way for the customer/person to report it from the channel they receive the text from! There also does not seem to be a way to stop getting these text from BOI. So how do I stop receiving these updates to stop receiving the fraudulent sms coming through on the official point of contact about my online banking account?

    The sender ID has been compromised, however easy it is for fraudsters to do this, BOI is fully aware of it. It begs the question why is BOI not doing anything to fix the issue which reiterates peoples awareness about fraud and that addresses the most people at once. The most logical thing to do when an ID is compromised, by someone cloning it to appear to be official, is change the ID.

    It is extremely clear to me anyway that the sms was fraudulent other people do not have this luxury. Vulnerable people here are most of your customers. From my own experience you are way more susceptible to fraud when you are stressed, distracted by an emotional distress or not thinking clearly (there are many many other psychological factors but these are the main ones) now can you say with absolute certainty that non of the above will apply to the vast majority of BOI customers and non BOI customers at this moment in time and in the next 3+ months?

    Which is why I suggested that BOI do more to reassure and reinforce peoples common sense with issues of security with a simple sms through the very same flawed service which is susceptible to fraud.
    Hi there, 

    We’re sorry you feel this way and would like to reassure the security of our customers accounts is extremely important to us. 

    We have a dedicated security team who investigate these types of messages and arrange to have the sites closed down. Anyone who receives a message claiming to be from us can forward it to the team at 365security@boi.com. Some mobile providers also give the option to report phishing. The security team collaborate with Fraud Smart and other banks to combat fraud and to share best practices. 
       
    We advise all our customers that we won’t send emails or texts requesting their security information. This is advised on our website, mobile app and 365 Online log in screens and when the customer is being registered for online/phone banking. We also issue regular alerts via our social media channels. 

    Thanks 
    Tara
    Tara, the fact is BOI are not updating the the sms service with this message to reassure and keep customers, who are subscribed to a service they have no option but to receive messages from safe. I don't visit regularly enough, but I do see a BOI text message regularly enough as it is the first point of contact I have no way to unsubscribe from. Any fraud attacks a vulnerability in a system, the vulnerability here is the sms service which has been attacked on more than 1 occasion. The simplest and least expensive way to counteract this fraud (on the first point of contact sms service) is to to issue a very simple message every so often to reinforce customers understanding of BOI procedures regarding how they communicate with customers and how customers should be interacting with their online banking. Counteracting the fraud is contradicting it! You don't fix a leaky tap by wrapping a cloth around it, that is exactly what BOI is doing by not issuing security updates on the same channel that is responsible for the security vulnerability.


  • Closed Accounts Posts: 2,346 ✭✭✭Bank of Ireland: Tara


    The posters point above is very important. this SMS comes through on the same channel as genuine messages from BOI. this needs to be flagged on that SMS number by BOI or are we to assume that that channel of communication is now compromised and should be ignored in future?
    Hi Westernyelp, 

    Thanks for your post. 

    We completely understand your concern. Our SMS channel has not been compromised and my colleague has explained above how these appear within the same thread as our text messages. 

    Fraudulent texts are sent in batches over a few days. They are being received by our customers and people who don’t bank with us and unfortunately, we have no way of knowing that a customer/person has received one. We also have to be mindful of how often we issue texts to customers. 

    Please be assured our security team investigate these sites as soon as they become aware of them and we have Fraud Alert messaging on our customer log in screens on the app and website. 

    Thanks again, 
    Tara
    You also have no way for the customer/person to report it from the channel they receive the text from! There also does not seem to be a way to stop getting these text from BOI. So how do I stop receiving these updates to stop receiving the fraudulent sms coming through on the official point of contact about my online banking account?

    The sender ID has been compromised, however easy it is for fraudsters to do this, BOI is fully aware of it. It begs the question why is BOI not doing anything to fix the issue which reiterates peoples awareness about fraud and that addresses the most people at once. The most logical thing to do when an ID is compromised, by someone cloning it to appear to be official, is change the ID.

    It is extremely clear to me anyway that the sms was fraudulent other people do not have this luxury. Vulnerable people here are most of your customers. From my own experience you are way more susceptible to fraud when you are stressed, distracted by an emotional distress or not thinking clearly (there are many many other psychological factors but these are the main ones) now can you say with absolute certainty that non of the above will apply to the vast majority of BOI customers and non BOI customers at this moment in time and in the next 3+ months?

    Which is why I suggested that BOI do more to reassure and reinforce peoples common sense with issues of security with a simple sms through the very same flawed service which is susceptible to fraud.
    Hi there, 

    We’re sorry you feel this way and would like to reassure the security of our customers accounts is extremely important to us. 

    We have a dedicated security team who investigate these types of messages and arrange to have the sites closed down. Anyone who receives a message claiming to be from us can forward it to the team at 365security@boi.com. Some mobile providers also give the option to report phishing. The security team collaborate with Fraud Smart and other banks to combat fraud and to share best practices. 
       
    We advise all our customers that we won’t send emails or texts requesting their security information. This is advised on our website, mobile app and 365 Online log in screens and when the customer is being registered for online/phone banking. We also issue regular alerts via our social media channels. 

    Thanks 
    Tara
    Tara, the fact is BOI are not updating the the sms service with this message to reassure and keep customers, who are subscribed to a service they have no option but to receive messages from safe. I don't visit regularly enough, but I do see a BOI text message regularly enough as it is the first point of contact I have no way to unsubscribe from. Any fraud attacks a vulnerability in a system, the vulnerability here is the sms service which has been attacked on more than 1 occasion. The simplest and least expensive way to counteract this fraud (on the first point of contact sms service) is to to issue a very simple message every so often to reinforce customers understanding of BOI procedures regarding how they communicate with customers and how customers should be interacting with their online banking. Counteracting the fraud is contradicting it! You don't fix a leaky tap by wrapping a cloth around it, that is exactly what BOI is doing by not issuing security updates on the same channel that is responsible for the security vulnerability.
    Hi again,

    Please be assured all suggestions received here have been forwarded to our customer contact team for review. 

    Thanks 
    Tara


  • Registered Users, Registered Users 2 Posts: 4,325 ✭✭✭iLikeWaffles


    The posters point above is very important. this SMS comes through on the same channel as genuine messages from BOI. this needs to be flagged on that SMS number by BOI or are we to assume that that channel of communication is now compromised and should be ignored in future?
    Hi Westernyelp, 

    Thanks for your post. 

    We completely understand your concern. Our SMS channel has not been compromised and my colleague has explained above how these appear within the same thread as our text messages. 

    Fraudulent texts are sent in batches over a few days. They are being received by our customers and people who don’t bank with us and unfortunately, we have no way of knowing that a customer/person has received one. We also have to be mindful of how often we issue texts to customers. 

    Please be assured our security team investigate these sites as soon as they become aware of them and we have Fraud Alert messaging on our customer log in screens on the app and website. 

    Thanks again, 
    Tara
    You also have no way for the customer/person to report it from the channel they receive the text from! There also does not seem to be a way to stop getting these text from BOI. So how do I stop receiving these updates to stop receiving the fraudulent sms coming through on the official point of contact about my online banking account?

    The sender ID has been compromised, however easy it is for fraudsters to do this, BOI is fully aware of it. It begs the question why is BOI not doing anything to fix the issue which reiterates peoples awareness about fraud and that addresses the most people at once. The most logical thing to do when an ID is compromised, by someone cloning it to appear to be official, is change the ID.

    It is extremely clear to me anyway that the sms was fraudulent other people do not have this luxury. Vulnerable people here are most of your customers. From my own experience you are way more susceptible to fraud when you are stressed, distracted by an emotional distress or not thinking clearly (there are many many other psychological factors but these are the main ones) now can you say with absolute certainty that non of the above will apply to the vast majority of BOI customers and non BOI customers at this moment in time and in the next 3+ months?

    Which is why I suggested that BOI do more to reassure and reinforce peoples common sense with issues of security with a simple sms through the very same flawed service which is susceptible to fraud.
    Hi there, 

    We’re sorry you feel this way and would like to reassure the security of our customers accounts is extremely important to us. 

    We have a dedicated security team who investigate these types of messages and arrange to have the sites closed down. Anyone who receives a message claiming to be from us can forward it to the team at 365security@boi.com. Some mobile providers also give the option to report phishing. The security team collaborate with Fraud Smart and other banks to combat fraud and to share best practices. 
       
    We advise all our customers that we won’t send emails or texts requesting their security information. This is advised on our website, mobile app and 365 Online log in screens and when the customer is being registered for online/phone banking. We also issue regular alerts via our social media channels. 

    Thanks 
    Tara
    Tara, the fact is BOI are not updating the the sms service with this message to reassure and keep customers, who are subscribed to a service they have no option but to receive messages from safe. I don't visit regularly enough, but I do see a BOI text message regularly enough as it is the first point of contact I have no way to unsubscribe from. Any fraud attacks a vulnerability in a system, the vulnerability here is the sms service which has been attacked on more than 1 occasion. The simplest and least expensive way to counteract this fraud (on the first point of contact sms service) is to to issue a very simple message every so often to reinforce customers understanding of BOI procedures regarding how they communicate with customers and how customers should be interacting with their online banking. Counteracting the fraud is contradicting it! You don't fix a leaky tap by wrapping a cloth around it, that is exactly what BOI is doing by not issuing security updates on the same channel that is responsible for the security vulnerability.
    Hi again,

    Please be assured all suggestions received here have been forwarded to our customer contact team for review. 

    Thanks 
    Tara
    Thanks Tara, I'm sure everyone who has posted and viewed the topic would appreciate being updated on their response.


  • Closed Accounts Posts: 2,346 ✭✭✭Bank of Ireland: Tara


    Hi again,

    Please be assured all suggestions received here have been forwarded to our customer contact team for review. 

    Thanks 
    Tara
    Thanks Tara, I'm sure everyone who has posted and viewed the topic would appreciate being updated on their response.
    Hi there, 

    Thanks again for getting back to us. 

    All feedback and suggestions received here and on our social media channels are forwarded to the relevant areas. This is then taken into account when teams or departments are reviewing products and services. We would not receive a specific response to feedback raised here. 

    If you’re unhappy with any aspect of our service and would like to raise a formal complaint, please see our Customer Complaint Process here

    Thanks 
    Tara


  • Registered Users, Registered Users 2 Posts: 4,325 ✭✭✭iLikeWaffles


    Why is this service still issuing fraudulent text messages to customers and why hasn't it been fixed as I suggested back in April to send out an update about not clicking on links from this service?

    Absolute disgrace! Hundreds of customers where effected by this service as I suggested it would be the case where they are vulnerable and stressed out.


  • Advertisement
  • Closed Accounts Posts: 487 ✭✭Bank of Ireland: Aisling


    Hi There,

    Thanks for getting back in touch with us here on Boards.ie.

    Please be assured we take Smishing and fraudulent activity very seriously. We regularly update our Security Zone on our Group website for tips on spotting Suspicious texts and what you can do if you suspect you have received one. I have attached a link to the Security Zone here.

    If you are ever unsure of a text/email you have received, please do not hesitate to get in touch with us here on Boards, or on our other Social Media Channels such as Twitter and Facebook, we are always more than happy to help, and advise if the message you have received is genuine or not.

    Thanks, Aisling


  • Registered Users, Registered Users 2 Posts: 4,325 ✭✭✭iLikeWaffles


    Hi There,

    Thanks for getting back in touch with us here on Boards.ie.

    Please be assured we take Smishing and fraudulent activity very seriously. We regularly update our Security Zone on our Group website for tips on spotting Suspicious texts and what you can do if you suspect you have received one. I have attached a link to the Security Zone here.

    If you are ever unsure of a text/email you have received, please do not hesitate to get in touch with us here on Boards, or on our other Social Media Channels such as Twitter and Facebook, we are always more than happy to help, and advise if the message you have received is genuine or not.

    Thanks, Aisling
    Again, this text service is compromised is BOI going to keep denying this?! Updating your website is a complete waste of time. The point of contact is someones mobile device the point of failure is also their mobile device. Bank of Ireland have a duty of care to protect their customers from getting fraudulent text messages from a) a service they can not unsubscribe from and b) a service they never subscribe to in the first place.

    Bank of Ireland are not taking these "Smishing and fraudulent" activities seriously at all, not even close. If BOI took this seriously the vulnerability would have been fixed back in April when I reported it. Instead the circumstances regarding the vulnerability has transpired exactly how I reported it.

    I don't want or need any help, however lots of other people do. The best way BOI can help is by fixing the issue. Not by making it appear that you are doing something about it by updating a HTML page where the people who will be most effected by the issue do not see it. If some 3rd party other than BOI updated the website page this would be a compromised service that is exactly what is going on with the text service regardless of how many security levels either has.


  • Registered Users, Registered Users 2 Posts: 1,678 ✭✭✭Multipass


    Why is this service still issuing fraudulent text messages to customers and why hasn't it been fixed as I suggested back in April to send out an update about not clicking on links from this service?

    Absolute disgrace! Hundreds of customers where effected by this service as I suggested it would be the case where they are vulnerable and stressed out.
    I just ignore every text from them now. Ive had several texts with links to a survey - if that one is real they really need their heads examined...


  • Registered Users, Registered Users 2 Posts: 911 ✭✭✭steve-o


    Why is this service still issuing fraudulent text messages to customers and why hasn't it been fixed as I suggested back in April to send out an update about not clicking on links from this service?

    Absolute disgrace! Hundreds of customers where effected by this service as I suggested it would be the case where they are vulnerable and stressed out.
    It's bizarre that Bank of Ireland seem to be unwilling to make any attempt to tackle the SMS sender ID spoofing issue. Here's a wild suggestion: get the fake BOI messages blocked. The problem of spoofed IDs can be fixed at an industry level if the banks and the regulator can actually be bothered.


  • Registered Users, Registered Users 2 Posts: 4,325 ✭✭✭iLikeWaffles


    Multipass wrote: »
    Why is this service still issuing fraudulent text messages to customers and why hasn't it been fixed as I suggested back in April to send out an update about not clicking on links from this service?

    Absolute disgrace! Hundreds of customers where effected by this service as I suggested it would be the case where they are vulnerable and stressed out.
    I just ignore every text from them now. Ive had several texts with links to a survey - if that one is real they really need their heads examined...
    That's the problem though not everyone will ignore them. If by chance you happen to be caught off guard don't ignore them fall for the scam coming through on an official BOI channel, BOI say it is not there fault. Which it very much is!


  • Closed Accounts Posts: 483 ✭✭Bank of Ireland: Richard F


    Hi There,

    Thanks for getting back in touch with us here on Boards.ie.

    Please be assured we take Smishing and fraudulent activity very seriously. We regularly update our Security Zone on our Group website for tips on spotting Suspicious texts and what you can do if you suspect you have received one. I have attached a link to the Security Zone here.

    If you are ever unsure of a text/email you have received, please do not hesitate to get in touch with us here on Boards, or on our other Social Media Channels such as Twitter and Facebook, we are always more than happy to help, and advise if the message you have received is genuine or not.

    Thanks, Aisling
    Again, this text service is compromised is BOI going to keep denying this?! Updating your website is a complete waste of time. The point of contact is someones mobile device the point of failure is also their mobile device. Bank of Ireland have a duty of care to protect their customers from getting fraudulent text messages from a) a service they can not unsubscribe from and b) a service they never subscribe to in the first place.

    Bank of Ireland are not taking these "Smishing and fraudulent" activities seriously at all, not even close. If BOI took this seriously the vulnerability would have been fixed back in April when I reported it. Instead the circumstances regarding the vulnerability has transpired exactly how I reported it.

    I don't want or need any help, however lots of other people do. The best way BOI can help is by fixing the issue. Not by making it appear that you are doing something about it by updating a HTML page where the people who will be most effected by the issue do not see it. If some 3rd party other than BOI updated the website page this would be a compromised service that is exactly what is going on with the text service regardless of how many security levels either has.
    Thanks for getting back to us today.

    [font=Arial, sans-serif]We understand your concern with the text appearing beside genuine Bank of Ireland texts but unfortunately it is quite easy for the fraudsters to do this. If they use a sender ID of ‘BOI’, your phone assumes that the text is coming from the same place that used that ID before.  The fraudsters do this obviously to make their message appear genuine. [/font]


    [font=Arial, sans-serif]We really appreciate all customer feedback on this, both positive and negative and we'll be sure to pass your feedback on to the relevant team. [/font]


    [font=Arial, sans-serif]Thanks,[/font]
    [font=Arial, sans-serif]Richard[/font]


  • Registered Users, Registered Users 2 Posts: 4,850 ✭✭✭ShamNNspace


    Just recieved this sms, I have not opened it. btw im not a boi customer though my wife is, what do you suggest I do. We do have online banking though we do this from the laptop Tia


  • Registered Users, Registered Users 2 Posts: 4,325 ✭✭✭iLikeWaffles


    Just recieved this sms, I have not opened it. btw im not a boi customer though my wife is, what do you suggest I do. We do have online banking though we do this from the laptop Tia
    Don't click the link in the message should be good. Can delete the message but you can't unsubscribe from the service but you can block BOI number I believe, not that you should have to.


  • Registered Users, Registered Users 2 Posts: 4,850 ✭✭✭ShamNNspace


    Don't click the link in the message should be good. Can delete the message but you can't unsubscribe from the service but you can block BOI number I believe, not that you should have to.

    Ok thanks im with another bank myself but my wife is with boi.. First sms I've ever recieved like this


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 4,325 ✭✭✭iLikeWaffles


    Don't click the link in the message should be good. Can delete the message but you can't unsubscribe from the service but you can block BOI number I believe, not that you should have to.

    Ok thanks im with another bank myself but my wife is with boi.. First sms I've ever recieved like this
    Very easy for 'scammers to make it look like it is BOI sending the massage' apparently. BOI don't seem to give 2 sh**'s about people being scammed, so there you are!


  • Closed Accounts Posts: 483 ✭✭Bank of Ireland: Richard F


    Just recieved this sms, I have not opened it. btw im not a boi customer though my wife is, what do you suggest I do. We do have online banking though we do this from the laptop Tia
    Hi ShamNNspace,

    Thanks for sharing this with us. This is indeed a fraudulent text message and we would ask you to delete this text. Rest assured we will never ask you for any online or account details over text.

    We appreciate you and your wife spotting this.

    Many thanks,
    Richard


Advertisement