The ING Bank has issued an warning to its clients about a new phishing campaign, orchestrated by the yet unknown group of  fraudsters.

For the scam to be successful, the fraudsters first requires to obtain several essential pieces of information. To that end, the unsuspecting client is contacted by a person who claims to be a ING bank’s representative. The “consultant” skilfully manipulates the victim to firstly reveal his or hers login and password to the banking system. Secondly, the client is asked to pass the newly generated SMS code, displayed on the victim’s phone.
The obtained login credentials allow the scammer to permanently change the phone’s number, on which all the future authentication codes will be send.

The ING Bank warns its clients that the bank’s employees will never ask for login credentials.