The biggest threat to banking customers is the increase in online fraud. According to Alewyn Burger, chief executive of Standard Bank personal and business banking, there has been a 50% growth in spyware in the past 20 months, and a 16-fold increase in virus manufacturing over the past three years.
While these statistics are alarming, Burger insists that internet banking remains one of the most secure forms of banking and the banks have measures in place to trap fraudsters.
In a breakthrough for the local banking industry, Standard Bank was able to break an online fraud syndicate that had links with Eastern Europe. The syndicate sent out spyware to computers, especially unsecured computers in internet cafes, where the software captured personal details such as card, personal identification numbers (PIN) and passwords.
These details were transmitted to a server in Estonia from which the criminals were able to log on and defraud vulnerable customers. This has led to warnings by banks not to do internet banking in wireless internet environments or at internet cafes.
Herman Singh, director of architecture and technology engineering at Standard Bank, notes that although spam mail has been on the decline, ‘phishing” attacks have been rising.
Phishing is when a client receives a genuine-looking email where the criminals are trying to acquire sensitive information.
Typically it is done using email and instant messaging, although cases are known where the crooks use phones.
Singh says that customers should not reply to an email whose authenticity is in doubt. He advises against customers using ‘unpatched” software or unsecured software as spyware software can be sent to one’s machine to capture one’s personal details, which is then sent back to the fraudster.
One can also inadvertently download spyware by clicking on a link contained in a dubious email. For example, fraudsters have been masquerading as online auctioneers Ebay and sending out e-mails saying they have a buyer for your goods.
Coming back to basic safety rules, Singh advises never sharing a password, never clicking on an email that is purportedly from a bank and securing your computer with updated antivirus software, which can be downloaded from the bank’s website.
He also encouraged clients to use the bank’s notification system so that they know when there is activity on their accounts.
He also advises typing out the full URL or the web address of your bank. Many clients log on to to spoof sites where they leave their details to fraudsters, who then log on and spirit away their cash.
Spoof sites look like a genuine site.
‘We have found not one instance where a customer has lost money if they followed this process,” he said, underscoring the need for caution by observing that 86% of all attacks are directed at the home user while only 14% are directed at the financial houses themselves.
Phishy business
Absa recently warned of a new type of fraud hitting cellphone users. It says the latest scam devised by fraudsters entails phoning customers to advise them that they have won extra airtime.
The customer is then asked to supply the last dialled number on the phone to authenticate their identity. This number is then used to do an illegal SIM swap. Fraudsters are thus able to receive all of the customer’s calls and SMSs. Customers’ cellphones will stop functioning a few minutes after receiving the call.
You need to contact your cellphone operator immediately if a cellphone ceases to work to ascertain whether an illegal SIM swap has been performed. It is also important to phone your bank to safeguard any cellphone-related security measures.