BCR, BRD, and ING Romania Phishing: How Scammers Target Romanian Bank Customers

Romania's major banks — BCR (Banca Comercială Română), BRD Groupe Société Générale, ING Bank, and Raiffeisen Bank — are among the most impersonated institutions in Romanian phishing campaigns. Scammers send fake SMS messages, emails, and even WhatsApp messages designed to steal internet banking credentials and drain accounts.

The attacks have become extremely convincing. They mimic the exact look and language of official bank communications, reference real banking apps like George (BCR) and MyBRD, and create a sense of urgency that pushes victims to act without thinking.

Common Banking Phishing Tactics in Romania

Fake SMS from "BCR" or "BRD"

The most prevalent attack vector is SMS phishing (smishing). You receive a text message that appears to come from your bank:

• "Your BCR card has been blocked. Verify your identity: [link]"
• "Suspicious transaction detected on your BRD account. Confirm here: [link]"
• "Your ING Home'Bank session has expired. Reactivate: [link]"

The link leads to a convincing replica of the bank's login page. When you enter your username, password, and SMS verification code, the scammers gain full access to your account.

Fake George App Notifications

BCR's George mobile banking platform is specifically targeted. Scammers send notifications or emails claiming you need to "update your George app" or "verify your George account" through an external link — which leads to a credential-harvesting page.

Email Phishing with Official Branding

Emails with BCR, BRD, or ING branding that contain:

• Fake transaction alerts
• Account "security upgrade" requirements
• Requests to "confirm your identity" to avoid account suspension
• Fake credit card limit increase offers

Vishing (Phone Phishing)

Scammers call pretending to be bank employees. They may already know your name and partial account details (from previous data leaks). They guide you through "security verification" steps that actually give them access to your account or trick you into authorizing transfers.

How Romanian Banking Phishing Actually Steals Money

The typical flow:

1. You receive a fake SMS or email with a link
2. You click the link and land on a page that looks exactly like your bank's login
3. You enter your credentials — username and password
4. The scammer logs into your real account simultaneously using your credentials
5. The bank sends you a real SMS verification code for the scammer's fraudulent transaction
6. The fake site asks you to "verify" by entering the code you just received
7. You enter the code, authorizing the scammer's transaction
8. Money leaves your account to a money mule's account

This entire process can happen in under two minutes.

Red Flags for Romanian Banking Phishing

Signal	Legitimate Bank	Phishing Attempt
URL	bcr.ro, brd.ro, ing.ro	bcr-verify.com, brd-secure.info, ing-update.ro
Sender	Official bank number	Random number or spoofed short code
Language	Professional Romanian	Subtle grammar errors, unusual phrasing
Request	Never asks for full password via link	Asks for password, PIN, CVV, and OTP
Urgency	Normal tone	"Immediate action required" or "24-hour deadline"
Links	App-based notifications	External links via SMS or email

How to Protect Yourself

1. Never click links in SMS messages or emails claiming to be from your bank. Open your banking app directly or type the URL manually.
2. Your bank will never ask for your full password, PIN, or CVV via SMS or email. Any such request is fraudulent.
3. Do not enter SMS verification codes on any page you reached through a link. Only enter codes in the official banking app.
4. If you receive a call from "your bank," hang up and call back using the number on the back of your card or on the official website.
5. Enable push notifications through your official banking app so you can see real-time transaction alerts.
6. Set transaction limits on your internet banking to minimize potential losses.
7. Report suspicious messages to your bank and to CERT-RO (cert.ro).

What to Do If You've Been Phished

1. Call your bank's emergency line immediately.
   • BCR: 0800 801 BCR (0800 801 227)
   • BRD: *2227 from any network
   • ING: 0800 802 802
   • Raiffeisen: *2000
2. Request an immediate card block and account freeze.
3. Change your internet banking password from a secure device.
4. File a report with Poliția Română (cybercrime division).
5. Contact CERT-RO to report the phishing site.
6. Monitor your account for any additional unauthorized transactions.

Sharing Banking Information Safely

If you need to share bank account details, IBAN numbers, or temporary access credentials with a family member, accountant, or business partner, never send them through WhatsApp, Messenger, or email. These channels are not encrypted end-to-end (or in Messenger's case, messages persist in cloud backups). Use LOCK.PUB to create a password-protected memo containing the banking information. Set an expiration time, share the link, and the data disappears after being viewed. No permanent record in any inbox.

The Bottom Line

Romanian banking phishing is a multi-million-lei industry targeting BCR, BRD, ING, and Raiffeisen customers daily. The attacks succeed because they create urgency and perfectly mimic official communications. Your best defense is simple: never interact with banking links received via SMS or email. Always access your bank through the official app or by typing the URL directly. When you need to share banking details securely, use LOCK.PUB to keep them encrypted and temporary.