Protect your data and yourself from fraud
Below we provide some key examples of how you can be aware of fraudulent behaviours to protect yourself and your organisation from fraud. LHV takes fraud seriously and reacts accordingly when alerted to fraudulent situations. Please inform us as soon as you become aware of a potentially fraudulent activity.
Fraudulent cloning of LHV service
Scammers may attempt to clone the LHV name and brand to commit fraud. They may use LHV’s logo, typeface, and other brand-related materials to encourage LHV clients to share their personal information or pay a scammer from their account. Scammers may attempt to clone the LHV service using the following techniques:
Scammers may attempt to create websites that look like LHV’s, with a similar URL and appearance. To avoid being scammed, please consider the following:
- Always check that the URL is https://www.lhv.com or https://www.lhv.ee.
- Do not trust sites that look suspicious or have a different address. Close your browser and report the site to email@example.com.
- When in doubt, type www.lhv.com in your browser’s address bar instead of clicking any links.
Be cautious of emails that ask you to make payments quickly or click on links to provide personal information. Remember:
- LHV never sends a request to review or suspend payments by email.
- LHV communicates only via ‘@lhv.com or @lhv.ee email addresses.
- LHV never sends official emails from ‘@gmail’, ‘@hot’, ‘@mail’ or any other email address for personal use.
- LHV does not expect a quick and immediate response (e.g., to prevent fraud) by email.
- If you receive a suspicious email, do not click on unknown links or share your personal information with anyone. Please report suspicious emails by writing to us at firstname.lastname@example.org and attach the original scam email if possible.
Fraudulent SMS messages
Please consider the following when receiving an SMS message from LHV:
- Messages from fraudsters can contain suspicious links, including foreign domains (e.g., https://lhv-pangandus.com) or shortened links (e.g., starting with https://bit.ly/) to hide the true destination of the fraudulent link. LHV never sends you links by text messages (SMS).
- LHV sends its SMS messages from the sender ‘LHV’. However, you should be aware that it is possible to forge the name of the sender. For this reason, the security of a message should not only be assessed by the name of the sender, but also by the content and possible links.
- LHV never asks you to confirm your payments or stop fraudulent transactions by SMS.
- If you receive a suspicious SMS, do not click on unknown links or share your personal information with anyone. Please report a suspicious message by writing to us at email@example.com. If possible, attach a screenshot of the suspicious SMS.
- If you receive an SMS or any other electronic message from an individual you have been dealing with at LHV, please take the same precautions.
If you believe you have been the victim of fraud
If you suspect you have fallen victim to fraud, it is important to act quickly to report the incident, protect your finances, and, if necessary, initiate a Fraud Indemnity Claim. Follow these steps to get started:
Review Payment Details
If you believe that you have been the victim of fraud, it is important to review the payment details carefully to determine if any unauthorised or fraudulent transactions have occurred. Follow these steps to review payment details:
- Ensure you did not authorise the payment, e.g. by signing up for a subscription service.
- Verify that the payment was not made by a joint account holder.
- Check if the confirmation of payee functionality identified a mismatch in the receiver name.
- Confirm the trading name of the company involved in the transaction by checking the Companies House's website.
NOTE: If, after reviewing the payment details, you realise that the transaction is not fraudulent, no further action is required.
Report the Fraud to Your Bank or Payment Service Provider (PSP)
If you can't recognise the transaction following the above steps and believe you have fallen victim to fraud, visited a suspicious page, or shared your account details with a questionable source, report the incident to your bank or PSP as soon as possible. Your bank or PSP should provide you with updates on the investigation, and LHV will cooperate as much as possible with the investigation by your bank or PSP. Additionally:
- To handle fraud-related matters in the most efficient manner, your bank or PSP must contact LHV to submit a Fraud Indemnity Claim.
- You can also report the incident to Action Fraud, the UK's national reporting centre for fraud and cybercrime. This won’t deal with any fraud reclaim, but it may help to prevent further fraud and protect other potential victims.
Make a Fraud Indemnity Claim
A fraud indemnity claim is a process where a victim of fraud can request their bank or payment service provider to refund any unauthorised or fraudulent transactions made from their account. To make a claim:
- Contact your own PSP/bank (remitting PSP) to initiate the claim – it is important to note that in order to reclaim any fraudulent transfer made to LHV accounts, the victim must contact their PSP. This is the only communication channel that is accepted and the fastest way to address potential fraud.
- Your remitting PSP will contact LHV with the necessary information to reclaim any remaining funds.
- Each PSP in the UK has its own recall process, which will be explained to the victim by their PSP.
Examples of Common Fraud Schemes
Types of Fraud That Businesses May Be Targeted With
Businesses are vulnerable to a variety of fraudulent schemes that can result in financial losses or reputational damage. Here are some of the most common types of fraud that businesses may encounter:
This type of fraud involves the creation of fake invoices that appear to be from a legitimate supplier or vendor. The fraudster may impersonate a known supplier or create a new, fake supplier to trick businesses into paying for goods or services that were never delivered.
In this type of fraud, the fraudster impersonates a CEO or other high-level executive to trick employees into transferring funds or providing sensitive information. The fraudster may send an email that appears to be from the CEO, using a similar email address or signature, and request that an urgent payment be made, or sensitive information is provided.
Payment fraud occurs when a fraudster gains access to a business's payment system or intercepts payment information to steal funds. This can include stealing credit card information, bank account numbers, or login credentials to online payment systems.
Phishing is a type of fraud that involves tricking individuals or businesses into providing sensitive information, such as login credentials or financial information, through fraudulent emails, websites, or other online communications. The fraudulent communications may appear from a legitimate source, such as a bank or government agency, but are created by a fraudster.
This type of fraud occurs when a vendor or supplier overcharges for goods or services or provides lower quality goods or services than agreed upon. This can include charging for items or services not delivered or providing counterfeit goods
Common Personal Fraud Schemes
In addition to the types of fraud that businesses may encounter, individuals may fall victim to various fraudulent schemes. Often these involve “Authorised Push Payment” scams, as the fraudster tricks an individual into authorising a payment, which to a PSP or bank seems legitimate. These can bring about significant financial and emotional harm.
Secure Account Transfer
You may receive a phone call or text message stating that your account has been hacked and that you need to transfer money to a 'secure account' immediately. The scammer will typically insist that you act quickly to prevent losing money, and they may provide you with instructions and an account number to make the payment as soon as possible. However, this account is under the control of a fraudster, and you won't be able to recover the money.
This scam often targets older, single people through social media or dating apps. The scammer will gradually gain your trust over time and eventually ask for money or access to your bank account for various reasons, such as a sudden illness or travel emergency. Pen-pal/Romance scams can also be used for money laundering, which can have serious consequences.
Social Media Message Scam
Fraudsters may take over a friend's or acquaintance's social media account and send messages requesting a quick transfer of money or share links that infect your device with malware to obtain personal information or login details.
You may be offered a high-return investment opportunity on social media, often related to crypto assets. You may be asked to open an account on a specific platform and send crypto to wallets provided by scammers or to invest in various businesses with high rates of return. This may also involve using high-profile people to promote investment schemes.
Job Advertisement Scam*
Scammers may share job advertisements on social media that appear to be from reputable companies, but ask for money for background checks or job applications. They may also direct you to open a bank account and use your personal information to take out loans or open credit cards in your name. This may also involve recruiting "money mules" to transfer money from one account to another.
Authority/Service Provider Fraud
Scammers may impersonate authorities like the police or HMRC or service providers like your broadband company and demand immediate payment for unpaid fines or taxes. They may also ask you to download a program allowing fraudsters to take over your account.