Case study Part 1: Case Studies about damage related to spyware/viruses

Following a link from a fake email to a fake website, where you end up installing software with malware or a virus.

Personal information stored on my computer or in the cloud (user IDs, passwords, etc.) were illicitly obtained by someone who then assumed my identity to illicitly access my online banking account. However, because I had applied for the One Time Password Service (Token), I was able to prevent the unauthorized transfer of funds from my account, and no money was actually sent.

How to Take Countermeasures (Precautions)

POINT 1Beware of suspicious emails and computer viruses
  1. Do not open suspicious emails and delete them.
  2. Do not install free software easily.
  3. Install the most updated browser, OS version, and virus definition file for security software.
  4. Check your computer for viruses periodically.
  5. Do not save PINs, etc. on your computer or in the cloud storage.
  6. Be careful when using free Wi-Fi spots.
POINT 2Check if you are anxious
  1. Regularly check the transaction history of your account.
  2. Contact the PRESTIA Online Help Desk to suspend usage.

For your security

One Time Password (OTP) ServiceApplication required

Virtual Pad

Using encryption technology

Using a firewall to block external access

Case study Part 2: Examples of damage related to phishing

The bank will never send emails asking customers to enter their user ID or password.

Beware of a phishing e-mail addressing SMBC Trust Bank, Sumitomo Mitsui Banking Corporation, or Sumitomo Mitsui Card Company etc., which attempts to obtain your personal data including your bank account number, PIN/T-PIN numbers, user ID, password, GLOBAL PASS (Visa Debit) such as cash card number, expiration date, security code, etc.

An email with the subject "SMBC Trust Bank password change confirmation" arrived at my email address. The body of the email had a link to click to check my registered information, and when I clicked it I was taken to a fake site that looked like the bank's website. I entered my User ID, password, branch number and account number and pressed the "Confirm" button but nothing was displayed. I found out that an unauthorized access using my User ID and password was attempted shortly afterward, but because I had applied for the One Time Password Service (Token), no unauthorized transfer was made from my account.

* Example of phishing email

From: SMBC Trust Bank - SMBC Trust Bank <info@smbctb.co.jp>
* There have been cases where our company's email address has been spoofed.
Date: XX, XX, 2020 (X) XX:XX
Subject: [Important] Please check your account to avoid losing access.

Body: Sumitomo Mitsui Banking's security system cannot verify Vpass and bank data.
Please double check your account. Otherwise, for customer security reasons, the system will automatically lock your account.
Enter your data correctly to avoid system errors in verifying your bank information.
Click the link below to fix

Modify my account
*This is not a link to our web service.

Distributor: SMBC Trust Bank Ltd.

How to Take Countermeasures (Precautions)

POINT 1Beware of suspicious emails and websites
  1. Do not open suspicious emails or access suspicious websites.
  2. Check if you are accessing the SMBC Trust Bank website. *Direct input : https://www.smbctb.co.jp

  3. Make sure there is a padlock icon on your browser. *When it is necessary to enter personal information in online banking transactions, encrypted communication is always performed. In that case, a padlock icon will appear on the screen. If the URL issued does not end with "www.smbctb.co.jp", please close the screen immediately.

POINT 2Do not enter personal information and e-mail addresses easily
  1. Do not respond to emails that request account information, such as account numbers or PINs.
  2. Do not sign on, change your PIN, or enter personal information outside of online banking.
  3. Do not publish your email address in public chat groups, bulletin boards, etc.
  4. If you enter your email address on a website, check the site's terms of sale and privacy policy.

For your security

One Time Password (OTP) ServiceApplication required

Using encryption technology

Digitally signed e-mails (S/MIME)

Other crime cases by scene

Contact Us

What to do if you have revealed your personal information!

Please contact us immediately in the following cases. As per your request, we promptly change PIN, suspend the card or reissue the card.
  • Personal information such as account number, personal identification number (Domestic Cash Card PIN, Debit PIN, T-PIN) or 16-digit GLOBAL PASS card number is stolen.
  • Had your card lost or stolen.
  • Noticed an unfamiliar transaction by receiving a PRESTIA Alert Service E-mail or checking your account activities.

Telephone

Lost/stolen cash cards notifications and inquiries

046-401-2126Within Japan (charges apply)

Service hours24 hours a day, 365 days a year.

  • *Reference and transaction are not available

81-46-401-2126From Overseas (charges apply)

Service hours24 hours a day, 365 days a year.

  • *Reference and transaction are not available

Please call the number below for inquiries of fraud

0120-373-706Within Japan (toll-free)

Service hoursMon-Fri 9:00 - 17:00 except public holidays and Year-end and New Year holidays

81-3-6854-4500From Overseas (charges apply)

Service hoursMon-Fri 9:00 - 17:00 except public holidays and Year-end and New Year holidays

Please contact PRESTIA Phone Banking to change your password
Automated Voice Guidance Service

0120-110-330 (toll-free)

Cash card PIN change

Service hours24 hours a day, 365 days a year

Telephone PIN change

Service hours24 hours a day, 365 days a year

  • *Please note this service is not available at certain times.

81-46-401-2100From Overseas (charges apply)

Service hours24 hours a day, 365 days a year.