Emotional Manipulation, Increasingly Used in Fraud Attempts Targeting Romanians’ Bank Accounts

May 28, București. The digitalization of payments and artificial intelligence represent real opportunities for the development of the banking system, but they are also among the main business areas targeted by cybercriminals who threaten the safety of our money. Banking frauds through phishing, spoofing, and emotional manipulation are becoming more frequent, and individuals with little experience using new technologies are the most targeted victims, according to fraud prevention specialists. Complex schemes used to deceive consumers include luring users into fake investments and installing applications that allow criminals to remotely take control of bank accounts. All these issues are among the topics discussed in the podcast produced by the Center for Alternative Dispute Resolution in Banking (CSALB).

The podcast features fraud prevention specialists in banking: Raluca Micu, Director of Payment Oversight at the National Bank of Romania, and Alin Becheanu, Director of Fraud Monitoring & Prevention at ING Bank, in a discussion moderated by Gabriela Folcuț, Executive Director of the Romanian Association of Banks.

| ABDRC PODCAST | https://youtu.be/mzUYOVdTfug

The 5th season of the CSALB Podcasts explores themes inspired by the types of negotiation requests consumers submit to the Center for Alternative Dispute Resolution in Banking: cards and payments, bank loans, fraud, foreclosures, court vs. alternative resolution, saving and investing. This year’s CSALB-hosted meetings bring together banking system specialists, credit brokers, bailiffs, anti-fraud experts, and more. The debates are moderated by financial analysts, financial education lecturers, and well-known economic journalists. Through this year’s discussions, we aim to provide consumers with the tools needed to manage and protect their personal finances in an unpredictable macroeconomic context.

In recent years, the number of people making payments via internet and mobile banking has grown significantly. A recent survey conducted by IRES for the Romanian Association of Banks showed

that 57% of banked individuals make payments via internet or mobile banking, and approximately 87% of companies do the same. With this increase, the number of fraud types has also risen sharply. Consumers can learn more about them on www.sigurantaonline.ro. Inexperienced technology users should know a few essential things about account and card security: never share your card or card details with others. Also, under no circumstances should you disclose login credentials such as username and password for internet or mobile banking, regardless of who requests them. Banks never ask for such information. Do not click on links or download applications that promise guaranteed investments or returns—no one can guarantee profit. Otherwise, you’re simply giving criminals access to your bank accounts. Keep in mind that only 7% of fraud-related funds are recovered globally!

In the past, card payment risks were mostly linked to ATM fraud. Today, attackers use much more sophisticated techniques. Here are a few examples of fraud methods and recommendations on how to protect ourselves. First, the so-called investment

schemes often involve installing apps on mobile phones. Through these apps, an attacker can gain remote access to accounts via payment applications. The attacker can see everything in your account, access applications, apply for loans, close deposits, initiate payments, change passwords, and modify the phone number where you receive transaction authorization codes. This type of fraud was one of the most frequent in 2024.

Spoofing is another method that clones or impersonates the actual phone number owner. Attackers gain credibility with victims when their phone shows a fake call from the Romanian Police or the National Bank of Romania. Unfortunately, attackers manage to convince users to take irrational actions—such as applying for a loan and depositing the money in a crypto ATM. These attackers create detailed manipulation scenarios and exert strong psychological pressure through insistent messages that provoke fast, irrational reactions. In some cases, criminals stayed on the phone with the victim while they went to the bank to take out the loan or went to the ATM to deposit the money.

WhatsApp fraud is also very common. For instance, people receive messages from contacts asking them to click on a link to vote for a child in a school activity. However, the link leads to suspicious content, and following the steps clones the user’s WhatsApp account. Then, others receive messages like “Can you lend me 500 lei until tomorrow?”—apparently from someone in their contact list.

If people have doubts, they can go to the bank, call the number on the back of their cards, or contact the police. Banks must provide protection, but users must also act responsibly to protect their financial health. Otherwise, no measure taken by a bank will ever be enough against today’s fraud attempts. With the speed of the payment system, the chances of recovering defrauded money are very low.

The first red flag for fraud is often an emotional reaction: we’re either overly excited about winning something unexpectedly or frightened by threats like account seizure or garnishment. The fear of losing access to your money causes stress and panic, often leading to rash decisions. Whether excited or panicked, my advice is to take a moment to think things through, then try to contact the bank or the person who sent you the message and triggered your reaction.
People need to become skilled at detecting fraud: look at the message sender, the greeting (which may not be genuine), or phrases like “guaranteed earnings.” Every gain in this world involves a risk, and thus, cannot be guaranteed. Also, ask yourself: why was this tip shared only with me? Why would someone post this information instead of keeping it for close friends or family?

We’ve also seen scam messages telling people they’ll receive a package they never ordered, asking them to click on a link and pay a small additional fee. Such cases should be reported to the National Cybersecurity Directorate, which can often track down the server host and shut down the fraudulent pages. The same applies to suspicious calls. Don’t just hang up and block the number—report it to your phone provider, who can also investigate and take action.

Many fraud victims feel ashamed and avoid contacting authorities or their bank. But they must overcome that shame so their experience can help protect others vulnerable to fraud.

There are many cases where real people and accounts become unknowingly involved in criminal activity. Money mule schemes are one example. People are tricked into giving up their card or account access (e.g., to receive a foreign transfer), and their accounts are used for illegal transactions, allowing attackers to launder money and make it harder to trace.

Also in this category are those paid small amounts to like or share social media posts. In these cases, cybercriminals are most interested in the real user profile, which can lend credibility to fraudulent posts. Some users get drawn into the scheme and end up recruiting other victims.

Alexandru Păunescu, representative of the National Bank of Romania on the CSALB Coordinating Board: „Combating fraud through banking channels is a joint effort undertaken by commercial banks, the central bank, CSALB, the Police, and institutions responsible for cybersecurity. Since the beginning of the year, CSALB has received 20 complaints related to banking fraud, and banks have so far agreed to enter into negotiations in five of these cases. The types of fraud reported by consumers are varied: deceptive internet banking payments, updating personal data via suspicious links, WhatsApp account cloning followed by money transfers, and fraud through online trading platforms. Unfortunately, damages can amount to thousands of euros in a single case, and the number of fraud attempts increases during holidays or vacation periods, when payment and banking transaction volumes rise. Responsibility for preventing and resolving such situations lies with both

consumers and banks. Consumers who fall victim to fraud must immediately notify the bank and the Police and file a chargeback request for any payment they consider fraudulent. Banks must process chargeback requests submitted by consumers as quickly as possible so that illegitimate payments are not completed and cybercriminals cannot transfer funds from consumers’ accounts.

Although most fraud occurs due to consumer inattention and the disclosure of login credentials, we see that banks are willing to enter into negotiations—especially in cases where consumers acted cautiously and prudently, yet access to their banking information was gained through sophisticated fraud techniques that compromised their accounts.

The challenge faced by the banking system is to counteract fraud while also leveraging technology and artificial intelligence to improve the services they provide.
In this context, we encourage consumers to carry out additional checks and exercise caution with every transaction, payment, or access to internet banking they are about to make, as well as with any links, mobile apps, messages, or phone calls that raise suspicions.”

***

  About CSALB: CSALB is an entity established following a European directive, offering free and quick mediation—under three months—between consumers and banks or non-bank financial institutions for ongoing contracts. Consumers from any Romanian county can submit requests to the Alternative Banking Dispute Resolution Center (CSALB) by filling out an online form on www.csalb.ro. If the bank agrees to enter negotiation, a conciliator is appointed. CSALB works with 16 of the top legal and financial experts in Romania. All cases are settled amicably, and the resulting agreement holds the legal power of a court decision.

 

Download