Online fraud no longer represents a marginal threat, reserved for inexperienced users, but has turned into a cross-border, professionally organized industry, in which criminals use artificial intelligence, psychology, call centers, IT developers, recruiters, carefully prepared scenarios and performance indicators to fool as many victims as possible, said the participants in the debate organized by ING Bank Romania, in partnership with the National Directorate for Cyber Security and the Romanian Institute for Active Aging, an event dedicated to the latest digital fraud methods and solutions through which users can protect their identity, bank accounts and savings. Speakers at the event showed that attackers no longer operate improvised, through carelessly written messages and promises that are easy to dismantle, but rather build credible scenarios, exploit emotional vulnerabilities and can simulate the identity of banks, the Police, ANAF, DNSC or other authorities.
The debate started from the study conducted by Exact Business Solutions for the Romanian Institute for Active Aging, in the period May-June 2026, on a sample of 701 banked people over 50 years old, a study that revealed that over 60% of the participants in it had already faced at least one attempt at digital fraud, the most exposed category not being the elderly who rarely use the internet, but precisely the 50-59 year old segment, the most active in the online environment, in banking applications and in e-commerce. Behind the statistics, however, lie financial losses, loans contracted under pressure from attackers, life savings transferred in a few seconds, shame, isolation and psychological trauma that may require specialized treatment, given that the international money recovery rate is less than 4%.
Alexandra Dobre, founder of the Romanian Institute for Active Aging, showed that the move of an increasing part of daily life to the digital environment has brought not only quick access to services and information, but also a permanent exposure to fraud attempts. The research data presented by the IRIA representative describe a reality in which attempted fraud has become almost a common experience for the banked population over 50 years old. Seniors know, on average, seven of the 13 types of fraud analyzed, but end up experiencing 2.1 different types of online attacks, which shows that the simple theoretical recognition of a method does not automatically provide protection when the victim is caught in a scenario designed to cause panic, excitement or haste. The most important surprise of the study contradicts the prejudice according to which people who use technology less often are inevitably the most vulnerable.
"Many people think that people who use technology less are also the most vulnerable. Well, this was my biggest surprise, because the study showed exactly the opposite. When we started collaborating with ING, this is exactly what we were discussing, that we don't have figures in this area. The most digitally active category is the 50-59 age group, and 97% of them use the internet, 95% use WhatsApp, 89% use banking applications, 85% make online payments. And this is exactly the category that also reports the highest average of frauds experienced, namely between two and 2.6 types of fraud, compared to 1.3 among people over 70. We would have expected that people over 70-80 would be the ones who experience online fraud the most often, but that's not the case. The conclusion is simple: the more we use technology, the more we need solid digital skills," Alexandra Dobre emphasized.
• 30% of victims do not report fraud to state authorities
The most common attempts are fake messages and calls through which attackers imitate the bank or various public institutions - ANAF, the Ministry of Finance, the Police, a type of fraud that 66% of respondents have heard of, followed by sending suspicious links, recognized by 63% of research participants. However, when the discussion moves from the notoriety of the methods to actual experiences, dangerous links come first.
"Suspicious links are recognized by 63% of respondents, but when we discuss what real experiences mean, the trend changes little. Suspicious links come first. 33% of respondents say they have received such links, 24% have encountered offers with unrealistically low prices, and 20% have received messages or calls that imitated the bank. These data show us very clearly where the prevention campaigns we organize should be focused. Respondents state that their loved ones have experienced, on average, 1.8 types of fraud, and in a third of these cases there were financial losses,” explained Alexandra Dobre.
The study also offers a relatively encouraging signal: 89% of respondents state that the attempts they were exposed to did not generate significant financial losses. The percentage indicates that many users recognized the danger before the attackers gained access to money, bank data or accounts, but it does not diminish the seriousness of the phenomenon.
The reaction of victims after an attack remains uneven. According to the data presented, 69% of those who have faced online fraud say that they have contacted the Police or other authorities, 47% immediately blocked the contact, and 36% checked the information before reacting. At the same time, a significant part of victims do not report the attempt, either because they no longer trust the possibility of recovering the damage, or because they do not know the procedures they must follow.
"There is a category 30% of respondents who say they did not report that attempted fraud or fraud, if it occurred, because they thought that this would not help and that the authorities would not or would not be able to do anything. In addition, 23% say that they do not know how to proceed. So, from the start, we have 23% of those for whom we owe it to do something, to help them get informed, to be able to maintain their independence and to be able to defend their financial resources. These results tell us that we need clearer and easier to understand procedures, which are in everyone's language", said Alexandra Dobre.
The study also shows that television remains the main source of information on online fraud for the analyzed segment, being mentioned by 83% of respondents. The Internet and social networks are used as a source of information by 63%, banks by 44%, and family by only 39%. Beyond digital skills, one of the major vulnerabilities of older people is loneliness, which can turn a simple online conversation into a gateway for manipulation.
• Fake investments, one of the most common online frauds
Alin Becheanu, director of fraud monitoring and prevention at ING Bank, insisted that the victim should not be judged solely by their level of education. Attackers look for the moment when judgment is clouded by intense emotion, and the person feels the need to act immediately.
"The most important thing is to realize that it is not necessarily about education when you are a victim of fraud, but rather about the attention you give when something happens to you, such as either exaggerated joy - "I won something”, "I am the heir to a fortune”, "I am going to get my taxes back from ANAF” - or fear, when your accounts are going to be blocked, you are going to be seized by ANAF or something bad is going to happen. Then, simply, you enter a phase in which you can no longer think that it is a scam, but you want to resolve the situation as quickly as possible”, explained the ING Bank representative. In his opinion, digital fraud should be treated as a specialized industry, not as a succession of unrelated incidents. "We are no longer talking about an isolated situation, but about the fact that online fraud has become a real industry, truly specialized. And when I say specialized, we start from the fact that we have situations in which there are call-center departments, recruitment and IT developers, who have objectives, have performance indicators, such as: how many victims you manage to fool in a day. It is very important to treat these situations with the necessary resources and mechanisms, so that we can combat them", said Becheanu.
Furthermore, the effectiveness of attacks increases by combining artificial intelligence with psychological manipulation techniques. "People are not fooled just with a voice or an image, but the mechanism by which attackers manage to manipulate depends on a lot of psychological knowledge. Turning on some light bulbs on a personal level, such as exaggerated joy or fear, makes the person, at that moment, become the perfect victim", said the director of fraud monitoring and prevention at ING Bank.
The damage doesn't stop at the amount that's gone from the account. "From an impact perspective, the first thing we have to remember is that we're not just talking about the costs of the fraud itself, but there's also a psychological component to fraud. The effect it has on a person's who become victims is colossal. There are situations in which victims need specialized treatment, have lost their life savings or have obtained loans that they now have to pay back, given that the money was transferred to the attackers,” said Becheanu.
Among the most dangerous methods are fake investments, in which the victim is promised 50-70% gains in just two or three weeks, romantic frauds and scenarios based on impersonating banks and authorities. The mechanism usually follows two stages: the attacker first creates panic, then presents himself as the person offering the saving solution. One of the most difficult tasks of anti-fraud specialists is not identifying the suspicious transaction, but convincing the client that the person he is talking to is manipulating him.
"The biggest challenge is convincing the manipulated client to give up the transaction. The most difficult thing is not to catch the transaction, but to convince the victim that he is, in fact, a victim and that everything is a hoax. My advice is: take a break. Don't act instantly. Go back to another channel, call the bank at the number on the back of the card or go directly to the application”, recommended Alin Becheanu.
• Safety ecosystem, proposed by ING Bank
ING Bank proposes building a safety ecosystem based on the partnership between the bank and the customer, in which the authorities and the private sector should participate. Among the developed functions is Safe Call, through which the customer can check whether the received call really comes from the bank. The intervention must be extremely fast, since, when money is transferred through instant payments, it reaches its destination in a few seconds, and the chances of recovery decrease dramatically.
Adelina Brânciog, representative of ING Bank, presented another function introduced in the banking application: "We introduced the "safety button” in the application. The customer can instantly block access to accounts and cards if they suspect fraud, and to unblock it they must call the call center”. The mechanism gives the user the opportunity to react without waiting to connect with an operator, in a situation where every second can decide whether the money stays or disappears from the account.
Mihai Rotariu, coordinator of the Communication, Marketing and Media Department within DNSC, drew attention to the contrast between the performance of the digital infrastructure in Romania and the insufficient level of users' security reflexes. "Romania offers a unique infrastructure in the internet area. We use intelligent tools, but we do not have the necessary security reflexes to be able to protect ourselves and, at the same time, we do not keep up with technology as an end user, and here I am referring to AI-type tools, Facebook and so on. Reality can already be distorted to such a magnitude that even some experts in the digital area can no longer figure out what is real and what is not," explained Rotariu.
Faced with images, voices and recordings generated or modified with the help of artificial intelligence, the simple impression that a material "seems real" is no longer enough. "We need to work on these security reflexes in the online environment, to get used to making certain predictions. Even if a clip, audio or image seems real and we are not convinced whether it is real or not, we need to do additional checks, to think about whether something bad is about to happen. So, we are all vulnerable. Social engineering is used a lot. We are not talking about hackers, we are not necessarily talking about people with high IT training, but about people who are very well trained to converse", said the DNSC representative.
• Ghişeul.ro, used by attackers for online fraud
Attackers exploit both negative emotions, such as the fear caused by a fine, a blocked account or an alleged loan contracted in the victim's name, and positive emotions, such as the joy of winning a prize or receiving a voucher. In both cases, the goal is the same: to determine the user to provide sensitive data, authorization codes or access to the account.
While phishing via links has long been the top fraud type reported, most attempts are now made over the phone, using a method called vishing. Attackers can change the caller's displayed identity and simulate, through spoofing, the number of a bank or institution. "Most fraud attempts are made over the phone. Basically, you get a call from a bank, an authority, ANAF, DNSC or the Romanian Police and they present you with a certain story, a certain scenario that makes you emotional. The calls are made over the internet, via Voice over IP, and attackers can put there not only the number they want to simulate, but they can also change the caller's name," Rotariu warned.
A method adapted to the travel season and holidays involve fake messages about traffic fines. "There is a possibility that users will receive fake messages informing them that they have received a traffic fine, which is plausible. They are told that they must pay within 48 hours and are given a link. If they access that link, they will see a site that looks visually similar to Ghişeul.ro. However, if we look at the name in the link, we see that it is, in fact, a domain like ghişeul.cc. We have taken the necessary steps and blocked such a site," said Mihai Rotariu.
Clone sites can almost perfectly reproduce the appearance of a store, a public platform or a bank page. The difference may consist of only a few letters in the address, an unusual domain or an ending that the victim, pressed for time, does not notice. A case presented during the debate involved a user who was selling a product on a marketplace platform and who was convinced to "validate” his card. He provided the card details and authorization codes, and the transaction was stopped only after the bank intervened.
"We have records of attackers working in call centers and who answered any question. There are complex schemes in which you are called by the "Police”, then you are connected to the "bank” to transfer money to accounts presented as "safe” or in cryptocurrencies, under the pretext of avoiding a seizure or a search. If you have provided data, you must immediately notify the bank and then the Police”, explained the DNSC representative.
• Damage of 16 million lei recovered in the first semester of 2026
The representative of the Criminal Investigations Directorate of the Romanian Police confirmed the high degree of organization of the groups. "Call centers have "conversion” and "competence” components. They usually do not operate in the same jurisdiction as the victims. Recently, we have had actions in locations in the Republic of Moldova and Ukraine, where Romanian speakers were active. They even use green screens, chroma key, to simulate official headquarters during video calls,” explained the Police representative.
A particularly cynical method is revictimization: after the person has already lost money, they are contacted by a supposed expert who claims that he can recover the damage in exchange for another fee, sometimes thousands of dollars. "After you have lost money, you are contacted by a "specialist” who promises to recover it for a fee, for example 5,000 dollars. The police never call you via video to ask for money,” warned the Romanian Police representative.
If last year, police recovered damages of 11 million lei from online fraud, in the first six months of 2026, damages of 16 million lei were recovered, but the amount represents, in the words of the Police representative, only "a drop in the ocean".
In the same period, approximately 15,000 facts were recorded, which were added to the 67,000 recorded at the end of last year, of which 10,000 were solved in the first six months of 2026, according to the Police representative. Basically, criminal investigation bodies are left with a stock of 72,000 online frauds that are still being investigated. And the investigations are complicated by both the international routes of money and the differences in legal classification. The act can be analyzed as deception when the victim is convinced only through conversation to transfer the money or as computer fraud when the attacker determines the installation of a program and takes control of the device.
The common message of specialists is that haste works for the attacker, and pause works for the victim. A bank, the Police, ANAF or DNSC do not request the transfer of money to a "secure account", the disclosure of authorization codes, the installation of remote control applications or the transfer of savings into cryptocurrencies to avoid an alleged seizure. When the caller causes panic and immediately offers a "magic solution", the safest reaction is to interrupt the conversation and directly verify the situation, using official numbers and applications. In a criminal industry that measures its performance by the number of victims fooled daily, a few minutes of lucidity can make the difference between a failed attempt and the loss of the savings accumulated in a lifetime.

















































Reader's Opinion