OREANDA-NEWS. April 17, 2012. Sampo Pank discovered that many people, incl. clients of Sampo Pank, have been sent spoof messages in which they are asked to confirm information that is only known to the clients themselves. This is a type of fraud that is widely spread in the internet and known as ‘phishing’. It is aimed at obtaining the personal or financial data of people. Many phishing scams have been directed against the clients of financial institutions in Estonia this year, reported the press-centre of Sampo Pank.   

We would like to emphasise that the bank never requests the personal data of its clients, such as passwords or credit card data, via e-mail. Please delete any such spoof messages and do not reply to them.

We make every effort to collect all information we can find about such scams and pass it on to the police to help them apprehend the person(s) who sent these messages.

Sending e-mail messages from any e-mail address is technically easy to do. There are several technical measures that can be implemented as protection against such spoof messages, e.g. signing e-mails or the sender policy framework. However, the implementation of these measures does not depend on the e-mail server of Sampo Pank (the sender), but the settings of the recipient’s server. We will be seeing such attacks/e-mails for as long as there are e-mail servers with weak security measures on the internet.

It is therefore impossible to guarantee that such letters will not end up in the mailboxes of our clients again, which means we must emphasise once again that the bank never requests the passwords or credit card details of its clients via e-mail and such messages must be deleted.