2024-01-01

Circular No. 52/2024 - Criminal Modus Operandi: Email Fraud

The Palestine Monetary Authority issued Circular No. 52/2024 to all banks operating in Palestine, warning of a criminal modus operandi involving email account impersonation to facilitate fraudulent financial transfers. The circular mandates banks to implement enhanced due diligence measures, including verifying email authenticity via recorded phone calls, prohibiting unverified email-based payment instructions, and notifying correspondent banks of suspected fraud. Additionally, banks are required to educate customers, report incidents to the AML/CFT department within two weeks, and guide victims to file complaints with competent authorities.


Palestine

Palestine Monetary Authority


PALESTINE MONETARY AUTHORITY

Decision Issued by the Palestine Monetary Authority

Circular No. (52/2024)

To All Banks Operating in Palestine

Date: Monday, June 24, 2024


Subject: Criminal Modus Operandi - Email Fraud

The Palestine Monetary Authority urges banks to take necessary precautions and exercise caution to avoid a criminal modus operandi that relies on fraudsters hacking the email accounts of individual and corporate victims, and phishing for communications conducted via email. The criminal modus operandi involves one of the following methods:

  1. The fraudster creates a cloned email address that closely resembles the original email address of the bank's client (the victim), and then uses the cloned email to send the bank a request to issue a large external money transfer from the victim's account to a beneficiary at a bank located outside Palestine; to pay specific bills or purchases; to activate electronic services such as internet banking; or to change a password for later use in hacking and stealing bank account balances and transferring them to others.

  2. The fraudster creates a cloned email address that closely resembles the original email address of the entities with which the bank's client (the victim) deals, and then uses the cloned email to copy previous correspondence between the victim and those entities, and then contacts the victim and requests them to issue a money transfer in favor of a foreign entity located outside Palestine for the purpose of paying financial consulting fees or to complete the supply of an agreed-upon service.

In line with its commitment to combating electronic fraud and reducing the risks of this crime, the Palestine Monetary Authority emphasizes the necessity of taking the following measures:

1. Raising awareness and warning customers and citizens about the aforementioned criminal modus operandi and clarifying its risks, and distributing awareness and educational brochures regarding this matter through bank branches and offices and the banks' social media channels.

2. Sending text messages or notifications to customers when executing money transfers and fund transfers from their accounts.

3. Establishing and adopting operational measures, procedures, and controls that ensure the following:

  • Not accepting the execution of payment orders and requests received from the client via email unless the bank has been authorized to adopt a specific email address for correspondence with the client in accordance with due process.
  • Verifying the validity of orders and requests sent via email before executing them, which includes matching the email address with the address approved by the bank, and contacting the client to reinforce their request in writing via a recorded phone call.
  • Informing correspondent banks or beneficiary banks of the email fraud incident through approved communication channels, and taking appropriate measures to recover the fraudulent transfers if possible, and working to document the results of follow-ups regarding this matter.
  • Exercising the highest degree of caution and due care when dealing with or initiating any future financial transaction in favor of the beneficiaries of the fraudulent money transfers.

4. Taking the necessary legal measures to combat electronic fraud crimes in accordance with prevailing legislation, and directing victim customers to file complaints with competent authorities.

We emphasize the necessity of reporting to the Anti-Money Laundering and Combating the Financing of Terrorism Department at the Palestine Monetary Authority upon learning of customers being exposed to similar fraud incidents, and providing the Department with a written report within two weeks from the date thereof regarding the measures taken to comply with the requirements of the above clauses.


Supervision Group
Palestine Monetary Authority


Ramallah & Al-Bireh Governorate - Palestine | P.O. Box 452
info@pma.ps | Fax: +970 2 2415310 | Tel: +970 2 2415251 | Postal code: P6160675
www.pma.ps