Beware of “Man in the Middle” E-mail Fraud!
May 07, 2025
With this scam, the attacker manages to insert himself into the conversation between two interlocutors (often by stealing the access credentials to the email account of one of the interlocutors). He intercepts their e-mail messages and modifies them for his own benefit.
Let's take an example: A and Z have been business partners for several years and have a relationship based on trust. Usually, A sends Z the most recent contract together with the payment invoice by e-mail, and Z makes the payment. At some point, a fraudster manages to compromise A's e-mail account, reads his e-mails and observes this way of working. The attacker then sends Z a similar e-mail, apparently from A (impersonating him), but replaces company A's legitimate account number in the contract and invoice with his own IBAN. The modified message reaches Z who, although he notices that A has a new IBAN, attaches no importance to the change because of trust and habit. Without suspecting fraud, Z makes the payment to the indicated account, and the money ends up in the possession of the fraudster.
The fraud scheme relies on the fact that the e-mail messages come from trusted people (friends, relatives, colleagues, business partners, etc.), so that the victims are tempted to transfer money or send personal data and confidential information without making any additional checks.
To prevent such situations, we recommend the following:
- Do NOT make payments to new IBAN accounts that you have not used before, based on instructions received by e-mail, without first verifying the validity of these accounts with your partners through communication channels other than e-mail. The offenders count on the lack of this verification; if you check, you will successfully counter the attempted fraud. Do NOT verify the data by e-mail and, under no circumstances, through the contact channels suggested in the suspicious e-mail. We advise you to contact your partners directly, through secure and known channels;
- Avoid, as much as possible, using unprotected electronic correspondence to exchange sensitive commercial or confidential information (IBAN codes, passwords, payment details, etc.);
- Always use antivirus software to protect your computers;
- If you have made a payment to a wrong account, urgently contact your bank to find out whether blocking or return of the amounts involved is still possible. If you consider that you have been a victim of an online fraud attempt, we also encourage you to notify the local Police as soon as possible, including online at https://politiaromana.ro/ro/petitii-online, as well as the National Directorate of Cyber Security – DNSC (phone: 1911; email: alerts@dnsc.ro).
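For companies that process invoices in software, the first recommendation can also be enforced automatically. The sketch below is an added example, not part of the original advisory: it holds any payment whose IBAN is valid but has never been confirmed for that partner. The partner name, the `KNOWN_IBANS` list and the function names are assumptions, and the IBANs are public documentation samples.

```python
import re

# Constructed sample data: IBANs already confirmed with each partner over a
# known channel (phone, in person). Partner name and allow-list are assumptions;
# the IBANs are public documentation samples, not real accounts.
KNOWN_IBANS = {"Company A": {"RO49AAAA1B31007593840000"}}


def normalize_iban(raw):
    """Remove spaces and dashes and upper-case, so formatting cannot hide a change."""
    return re.sub(r"[\s-]", "", raw).upper()


def iban_checksum_ok(iban):
    """ISO 13616 check: move first 4 characters to the end, map A-Z to 10-35, mod 97 == 1."""
    if not re.fullmatch(r"[A-Z]{2}\d{2}[A-Z0-9]{11,30}", iban):
        return False
    rearranged = iban[4:] + iban[:4]
    digits = "".join(str(int(ch, 36)) for ch in rearranged)
    return int(digits) % 97 == 1


def review_payment(partner, invoice_iban):
    """Return (decision, reason) for an invoice received by e-mail."""
    iban = normalize_iban(invoice_iban)
    if not iban_checksum_ok(iban):
        return ("REJECT", "IBAN is malformed or fails its checksum")
    if iban in KNOWN_IBANS.get(partner, set()):
        return ("PAY", "IBAN matches an account already confirmed with this partner")
    # A valid but unknown IBAN is exactly the case in the example with A and Z.
    return ("HOLD", "new IBAN: confirm by a known phone number, not by e-mail "
                    "or contacts given in the message")


if __name__ == "__main__":
    for iban in ("RO49 AAAA 1B31 0075 9384 0000",   # known account
                 "DE89370400440532013000",          # valid IBAN, never used before
                 "RO49AAAA1B31007593840001"):       # one digit altered
        print(iban, "->", review_payment("Company A", iban))
```

A new IBAN should be added to the confirmed list only after the partner has confirmed it through a known channel.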