Financial Safety

Fraud is an activity in which people or organizations deliberately use unfair means to gain material benefits and misuse personal data. Such activities may include providing false information, identity theft, financial manipulation, or selling counterfeit products or services.

As the number of fraud cases is increasing, we invite you to familiarize yourself with the most common types of fraud in Latvia and receive tips on how to take care of both your personal and business financial security.

photo

Private customers

Romance fraud

Scammers look for victims on online dating sites, social networks or by sending emails. They use a fictitious identity to introduce themselves and contact people with whom they have made contact, after a while the scammers start asking for help, for example, stating that there is an emergency that requires him/her to buy plane tickets to visit a "loved one", such as they are also often asked to pay the costs of moving, they are often asked to help when their health deteriorates, and to transfer money supposedly for treatment. Fraudsters can also come up with other reasons to try to cheat money.

Obtaining online bank log in or card information (phishing)

Phishing is a form of fraud in which the customer is tricked by various means, such as email. through letters, text messages, phone calls or by manipulating the search results of Internet search engines (such as Google or Bing), forcing you to enter your personal online banking or payment card details on websites created by fraudsters or to say them during a telephone conversation. Fraudsters use the received data to:

  • when making purchases and paying for them by the person who transmitted the information about the access codes;
  • with the funds in the account or using intercepted login data, transfers funds from the victim's account to the accounts of third parties.

Fraudsters can create fake online banking sites or online stores. Such sites usually look very similar to the original. Scammers distribute links to these fake sites via email. by mail, text messages or by submitting them in the results of an internet search engine (eg Google search engine). email letters and text messages are usually sent under the name of the bank, asking to click on a link because, for example, it is necessary to read an important message, block a payment or change bank login details.

Sometimes a scammer places a malicious link that can look like an advertisement on an Internet search engine (such as Google or Bing) so that it appears as the first search result. A person clicks on a link to a fake website and is taken to a phishing website that looks identical to the service provider's original website.

In order to defraud data, fraudsters send messages in the name of state institutions, companies or well-known online portals, such as the State Tax Inspectorate (VMI), Lithuanian Post, companies providing courier services or other institutions. When calling, they introduce themselves as representatives of the aforementioned institutions. Fake text messages or e-mails from the aforementioned institutions or institutions. through emails, residents are sent malicious links that they are encouraged to click on. Such messages purport to be invitations to verify payable taxes, complete customs formalities, or view documents allegedly related to legal proceedings. After clicking on the link, the person is directed to a fraudulent website where they are asked to enter their online banking login details. If fraudsters succeed in extracting such information, this information is used to embezzle personal finances (by making transfers to third-party accounts), may attempt to take out a loan or purchase on installments in the victim's name, so it is very important to pay attention to what action is being asked to be confirmed by pop-up messages on your device . Approve only those transactions and actions that you initiated and want to complete. If a pop-up message on your device makes you suspicious, don't enter any data. 

In the ways described above, fraudsters can also obtain the data needed to activate Google Pay and Apple Pay payment methods. Pretending to represent a state institution, company or portal, fraudsters invite people to click on a link so that, for example, the person allegedly receives a package addressed to him or pays an allegedly imposed administrative penalty. After opening the provided link, users are asked to enter their payment card details and Google Pay or Apple Pay activation code. This deceptive process allows fraudsters to link your payment card to their device's Google Pay or Apple Pay wallet in order to make unauthorized transactions.

Fake prepayments and fake invoices

Fake prepayment scams are also currently popular. Scammers offer a product on social media or through selling websites, and ask the buyer for advance payment, but do not deliver the product. These types of scams work well for products which people are in need of, like wood pellets, briquettes and firewood, and are offered at a particularly good price. The victim, wanting to save money, replies to the offer and is caught out by the scammers. Fake prepayments are similar to fake invoices, which are issued in the name of a company. This company may really exist, but the company’s true bank account details are replaced with the scammer’s details.

Fake employers

Fake job offer scams are still active. Scammers will pretend to be bank employees, call and offer a job based on advertisements posted by those looking for work. To pretend to verify your identity, the caller asks you to open a bank account and pass on your online banking login details. We have also identified a scheme where the scammers call the victim via video call and ask them to show their ID documents to the camera. In this manner, the scammers gain access to the victim’s information, and the account is used as a transit account to transfer money scammed from other people, while passport information is used to apply for loans etc. You must be careful when posting job-seeking advertisements. Remember that your account access data should be known only by you, and bank employees will never ask for it.
 

Fake lotteries

Also, fake lotteries, which are organized by fraudsters under the guise of a well-known organization or company, have not disappeared. For example, a person is told that they are a winner and must first verify their identity by making a token payment in order to receive a prize.

If you have received such a request, in any case, it is necessary to make sure whether the permit number of a specific lottery is indicated, whether it is registered in Lithuania; in case of doubt, it is worth contacting the Gambling Supervision Service at the Ministry of Finance of the Republic of Lithuania, more information here. Be especially wary of asking for a payment to verify your identity, emphasizing that this is required by the company's rules - this is likely to be a scam.

Separately, we can also mention the operators of illegal gambling activities, whose activities can also be associated with separate cases of fraud. Using the services of illegal gambling organizers also risks falling into the traps of fraudsters. You can find more information about illegal gambling operators here.

Scam phone calls (vishing)

Our customers are currently reporting that they have received calls in Russian claiming to be from the police informing them of a suspicious transaction in their account or a loan taken out in their name. If necessary, a second person will join the call, or the customer will receive a second call, claiming to be a bank employee and confirming what the fake police employee is saying. They will then ask the customer to complete actions using Smart ID or MobileSCAN, or to give them their online banking log in or card details.

Investment fraud

Fraudsters pretend to be employees of financial brokerage companies or banks and offer extremely profitable investments in stocks, bonds, cryptocurrencies or elsewhere. They ask you to install software (like Anydesk, etc.) to invest, or simply ask you to transfer money to scam accounts. Scammers often create websites where the victim can watch "growing profits" as the supposed success encourages them to invest more and more.

So far, all cases of investment fraud follow a scheme where the customer receives a phone call with the "best offer of the age" to invest and profit. The proposer usually speaks only Russian, although recently Lithuanian is also spoken more and more often. The phone numbers that are called are either randomly selected or taken from an illegally obtained database. Elderly people are often the victims of these scams, and quite often there are cases where customers take out quick loans and even want to take out a bank loan to take advantage of this opportunity to earn money.

It is also possible to single out entities that do not have the right to engage in financial and investment activities, as well as entities that provide illegal financial services. More information about entities that do not have the right to provide financial (including investment) services in Lithuania, as well as information about websites offering illegal financial services , can be found on the website of the Bank of Lithuania. It is also one of the tools that will allow you to identify unauthorized activities that can cause you harm. 

Scams aimed at those selling goods

Scams aimed at sellers, rather than buyers, are also becoming popular. In these cases, rather than posing as a seller, the scammer pretends to be a buyer and contacts the seller about purchasing a product via courier. Typically, the scammer sends a link to a website pretending to be from a legitimate courier, like DPD or Omniva, which asks the recipient to enter their card details. In this case, you must pay attention to where the link takes you, check the web address, and think critically about the amount and type of information requested of you. We also recommend that sellers organise their own delivery, rather than clicking on links sent by strangers. We recommend that both buyers and sellers use trusted delivery services and look sceptically at unfamiliar services, checking whether they truly exist, reading reviews etc.

Helping the needy

Using direct communications online and fake profiles, scammers often use moving, dramatic stories and requests claiming to be from people needing financial support, thus convincing people to transfer money and help those in need.

Loan fraud

Scammers will post a loan offer on social media with a very good interest rate. To apply for the loan, they will ask the victim to give them their online banking access details or payment card information, under the pretence that this is necessary for evaluating the victim’s creditworthiness or verifying their identity. Loan fraud is also often committed without access to online banking or card details, because the victims themselves transfer money to the scammers’  account. In this case, the scammers will ask the victim to make various payments in order to process the loan, for example, as a contract processing fee or loan insurance payment, or as a deposit for the loan. These transfers are most often made to a private individual’s overseas bank account, rather than to a business.

icon More questions
Don’t respond to requests for fast action

People can often become confused when they need to make a fast decision. If a service provider is hurrying you, you feel confused, and you don’t know how to act, keep a cool head and take your time to think about it. Remember the first tip: check all the information. Neither the bank nor other legitimate organisations will hurry any customer to immediate action. Similarly, if you receive an unbelievably good investment offer, don’t rush to make a decision about it, and check the legitimacy of the transaction with a trusted specialist or bank.

Carefully check information

Always check what web address is shown in the internet browser address bar: does it match the service provider you were trying to access? If you use an online search engine (such as Google or Bing), don’t open the first result, marked as an ad, without checking its address.

Before you enter sensitive information (username, password, authorisation codes, payment card details) into a website, check again whether the website is real. Check whether the contact information in the message is real, and use the publicly-available phone numbers named in official sources to contact the bank. Don’t rely on the caller’s phone number, and do not return the call to their number.

Do not share your personal information

Never — whether by phone or online — agree to requests to pass on information about your banking details, payments cards, passwords and codes, and do not enter this information into links that have been sent to you. Always remember that bank or police employees will never ask for your account access details.

Don’t open links or attachments in suspicious emails

First, carefully check the email address and sender: are they familiar and real? Often, an email address is set up which is similar, but missing a letter or has an added symbol, thus imitating a username or organisation name. You should also ignore requests to install programmes or apps. Under no circumstances should you enter your banking information into any links sent to you or programmes that you have been asked to download.

icon More questions
image
icon

What do I do if I am a victim of a scam?

If you suspect that you have become a victim of a scam, contact us immediately by calling +370 5 221 9091 or emailing info@citadele.lt. You should also notify the State Police.

How to prepare for your conversation with the bank?

  • Briefly describe or explain what happened; collect any proof you might also have (such as the fraudulent letters, text messages etc.).
  • Review your account statement and report all transactions that you did not make yourself.
  • Tell us what personal information you revealed, such as username, online banking password, MobileSCAN PIN code.
  • Did you download any programmes onto your device at the request of the scammers, and if so, what?

We will block your payment card and online bank to ensure that your finances are secure, and we will inform you about your next steps.

photo

How do I safely use MobileSCAN?

MobileSCAN is an authorisation device integrated into the Citadele mobile app, which enables you to log in to the online bank or app, confirm payments and sign documents conveniently and securely.

When you download that Citadele app, we test the security level of your mobile device, meaning that MobileSCAN complies with the highest security standards. However, for your own financial security, please remember to be careful of who you give your personal information to.

  • Never give anyone your MobileSCAN PIN codes.
  • Only enter your MobileSCAN PIN code if you are currently making a payment or attempting to log in to a Citadele portal (such as the online bank).
  • If you have lost your mobile phone, contact us as quickly as possible by calling +370 5 221 9091 to block MobileSCAN.
photo

How can I recognise the Citadele online bank?

  • Always check the web address. Our website’s address is www.citadele.lt and our online bank’s address is: https://online.citadele.lv/.
  • Scammers often try to trick people into using fake websites which look similar to the original. Always check whether the address and domain match Citadele’s address. If you notice even a small change, such as www.citadele.com; www.citadelebanka.lt or citadelelt.com among others, under no circumstances should you trust the page, and you should contact us immediately by calling +370 5 221 9091.
photo

For business owners

Although it is often thought that scammers only target private individuals, businesses are also targeted. These cases are rarer, but the amount scammed from businesses is usually far greater than when individuals are scammed.

Scammers pretend to be business partners or managing a business

Scammers pretend to be existing or new business partners and take over communications by email, sending fake bank account numbers for making transfers. For example, someone posing as a new business partner sends a fake invoice for advance payment for a service or business deal.

We recommend always taking the time to check. The best way is to use a different method of communication to verify that the invoice was indeed sent by the company, and to check that the service for which the invoice has been sent has really been received.

Change of bank account

To avoid scams, we recommend only using officially verified and confirmed contact information for communication and sending documents.

When you receive information about a business partner’s bank account or other changes to how you pay them, we recommend checking whether this change is true using an official contact channel, such as a phone number.

icon More questions
image
  • when you receive information on a business partner’s bank account change, check that this is indeed the case. For example, if you receive an email, check by phone;
  • open two bank accounts, separating your current account from the account linked to your payment card, which can help protect your business from larger sums of money being stolen;
  • keep your bank account, payment card and authorisation details in a secure place which cannot be accessed by third parties;
  • introduce a multi-step service payment process;
  • enable SMS notifications for all payments from the company account, which will enable you to keep on top of transactions and report scam payments in a timely manner;
  • if an invoice sum exceeds a previously-agreed limit, introduce a two-person (at least) confirmation process;
  • limit the number of people who are informed about planned transactions, as this information can be used by scammers;
  • it is best not to use social media to contact your business partners, as scammers often make fake profiles pretending to be someone else in order to steal money.
photo
icon

How do I report a scam?

If you suspect a scam, contact us without delay by calling +370 5 221 9091or your contact person at the bank, and submit a report to the State Police.
chat logo