Skip BreadcrumbHome / Security / False messages - Do not open the links

False messages - Do not open the links

We have been alerted that several Clients and non Clients received e-mail messages with the subject “Se faz favor de verificar o documento em anexo" (Please check the attachment) and “O documento esta em Anexo” (The document is hereto attached), both requesting the Client to open an attachment with a “doc” file extension (supposedly a Word file).

Example of the fake e-mails received:

 


These are another two cases of Phishing wherein, when you access the link sent, you install malicious software without even knowing it.

After this malware is installed on your device, we verified that, when you login to millenniumbcp.pt, you get a pop-up regarding our web page, warning that you need to install a security module “Instalação do Módulo de Segurança”, asking you to enter your Multichannel Code, afterwards sending a text message with an Authorization Code, as per the screen images below:

 

Click image to zoom Click image to zoom Click image to zoom Click image to zoom Click image to zoom

 

Following this phishing of the User's Access Codes, the cyber-criminal requests an Authorization Code to be able to register the Millennium App and an SMS will be sent saying:

 “Pedido de registo na App Millennium - Cod. Autorização: *******. (Request to register the Millennium App - Authorisation Code: *******)   Contacte o Banco caso não tenha solicitado este código.” (Contact the Bank if you did not request this code).

Do not enter the Code you received on your mobile phone to confirm the fraudulent installation of the alleged security module.

Please be reminded that:

  • To access Millennium bcp's homebanking services the Bank NEVER requests your mobile phone number or the installation of security software;
  • Whenever you access your bank accounts through the Millennium bcp website, check if the address starts with https://ind.millenniumbcp.pt/(for the Individuals access) or https://emp.millenniumbcp.pt (for the Companies access) and that, at the end of the address bar, a lock is shown, as follows:
    Endereços 
  • Millennium bcp does not send e-mail messages with links;
  • Millennium bcp's website is accessed using a User Code and three random positions of the Multichannel Code (if your enter a wrong number, the three random positions requested remain the same until you login successfully);
  • You should beware of any e-mail that requires "immediate action" or creates a sense of urgency, especially if it shows spelling errors or bad grammar, links and attached files;
  • Carefully read the SMS received containing the Authorisation Codes since the transaction data are identified in the SMS;

Remember: The protection of your assets and of your computer depends on you!


If you ever find something out of place at www.millenniumbcp.pt/en or if you need further information please call us on 91 827 24 24 / 93 522 24 24 / 96 599 24 24 / +351 21 005 24 24 (from Portugal or abroad) (Personal Assistance 24/7).

You can read all the Security information available here. (Companies)

You can read all the Security information available here. (Individuals)