Scammers defraud NCB customers of $18m in 10 days

KINGSTON, Jamaica— At least $22 million have been defrauded from the accounts of National Commercial Bank (NCB) customers in smishing attacks since the start of the year.

More than half of this amount was defrauded a little over a week ago, Dane Nicholson, Manager for Special Investigations in the bank’s Fraud Unit, said.

“So, over the last 10 days or so we have seen close to $18 million, but for the year starting from January 1 to current, is about $23 million thereabout that customers have lost to smishing and phishing attacks,” Nicholson revealed.

Smishing is the type of scam in which fraudsters send fraudulent messages by text message to trick people into handing over delicate information about their bank accounts. Phishing is a similar scam via emails.

Nicholson told OBSERVER ONLINE that the money taken over the last 10 days was from the accounts of about a dozen customers.

He said the police are on board with the bank’s investigations and so far, one person has been arrested in connection with the attacks. He expects more arrests.

The attacks have forced the bank to enact new policies. “We have implemented a no click, no link policy,” Nicholson explained. “So once customers get these SMS or email messages with a link in there asking them to click on it, please we are advising the customers not to click on them because we have a no click, no link policy.”

Explaining the scam, Nicholson said the fraudsters would send customers messages purporting to be from NCB. The messages would ask them to click a link to either regain access to their accounts, reset passwords about to be expired, or verify info because of a suspicious transaction on their accounts.

Once they click, it takes them to a page resembling NCB’s login page and asked them to provide their username or password. After doing this, the link would time out or they get an error message.

“So, they would have submitted their username and password in that phishing attack. That is where the fraudster would gain sufficient information now on the customers and would now call them back to pretend to be an employee of the bank,” he explained.

“And we have seen where they have called customers pretending to be me, Dane Nicholson, asking customers to verify suspicious transactions and to stop the fraud they need to provide them with their token number. Once the customers provide their taken code, that is when fraudsters would have sufficient information to add beneficiaries to their account to execute the fraudulent transactions.”

Nicholson said in some instances, based on investigations, the page also takes them to another page that asks them for their 16-digit credit card number, CVV number and the expiry date.

He said the bank identified some customers who fell victim to the attacks. “Others reached out to us to say that they have clicked on the link and persons would have called them and they would have divulged information. So those customers have reported the matter to us,” he said.

DAVID DUNKLEY , Observer Online writer

Now you can read the Jamaica Observer ePaper anytime, anywhere. The Jamaica Observer ePaper is available to you at home or at work, and is the same edition as the printed copy available at


  1. We welcome reader comments on the top stories of the day. Some comments may be republished on the website or in the newspaper; email addresses will not be published.
  2. Please understand that comments are moderated and it is not always possible to publish all that have been submitted. We will, however, try to publish comments that are representative of all received.
  3. We ask that comments are civil and free of libellous or hateful material. Also please stick to the topic under discussion.
  4. Please do not write in block capitals since this makes your comment hard to read.
  5. Please don't use the comments to advertise. However, our advertising department can be more than accommodating if emailed:
  6. If readers wish to report offensive comments, suggest a correction or share a story then please email:
  7. Lastly, read our Terms and Conditions and Privacy Policy