Czech bank subject of biggest ever e-mail scam

Hundreds of thousands of people in the Czech Republic have been bombarded in recent weeks by fraudulent e-mails in what is the biggest attempted internet fraud scam in the country’s history. The emails purport to be from country’s biggest bank, Česká Spořitelna – and ask for client’s account and credit card details. The campaign has been so unrelenting that many Czechs have learned a new word, phishing the name given to this form of scam. I talked to Česká Spořitelna’s spokeswoman Klára Gajdušková and started by asking whether the bank has had any previous experience with this kind of Internet crime:

“Phishing attacks are not a new phenomenon. The Czech Republic has witnessed phishing e-mails and similar campaigns several years ago, but not on such a massive scale as we are seeing today. Česká Spořitelna has become a victim of these e-mails for the first time.

“What is important to say is that we never communicate with our clients about such important issues as security details, personal ID numbers, card numbers, PIN codes or any other identity codes by e-mail.”

How long has this campaign been going on?

“We received the first e-mails at the beginning of this year, on January 6, but the massive campaign goes back to March 4 and we are still expecting the wave to culminate. So it is not over yet.”

Is there any way that Česká Spořitelna could stop these attacks?

“Frankly speaking, there is no way how we could do that. Many clients are disappointed by getting the e-mails which pretend to be sent by us. The only thing we can tell them is: we apologize, it’s not our fault, please, make sure that you don’t respond to these e-mails. The experience from abroad shows that the waves of phishing e-mails usually come and leave.

“What is interesting is that the damages caused to clients who responded to the e-mails were really minor. So far only 34 clients gave out their data from their credit or debit cards, which is a small number compared to hundreds of thousands or perhaps millions e-mails pretending to be sent on behalf of our bank.”

You must have been flooded in the past weeks by phone calls from your clients.

“Yes, that’s right. Your client centre is receiving several thousands of e-mails every day. What we did and what we think is the only efficient way to tackle this problem is a massive information campaign.”

What measures have you taken since your clients first received the e-mails?

“We have filed series of complaints to the police and we provide any help they need in finding out who is behind this campaign. But involving the police is the last step. What is more important is the prevention and information to the general public about these problems.”

Why do you think it was Česká spořitelna which was chosen as a target?

“I think the reason is that we have the largest number of clients in the country and the largest number of clients using internet services. So the probability that somebody who receives these fake e-mails is a client of Česká spořitelna is pretty high compared to other banks who have just several thousands of clients.”