A RECENT Carte Blanche story has again put the spotlight on phishing and online banking scams.
Penny Futter, chief information officer at African Bank, said it is a real issue facing banks and the public.
Any attempt to get you to share sensitive information, such as usernames, passwords and credit card details by email, SMS or other communication, is phishing.
“No one is safe. We are all targets. Phishing makes up more than half of local fraud.”
Carte Blanche reported that, according to data collected over eight months last year by the South African Banking Risk Information Centre, internet banking fraud makes up 55% of all fraud happening at SA banks – a loss of R250 million.
Futter said victims honestly believe they are speaking to a credible source from their bank or another trusted institution when they disclose sensitive information, often under the guise of a “security protocol”.
Once a criminal has a mobile banking pin or password, a fraudulent sim swap allows criminals to perform transactions as if they were the account-holder.
“Although most people are aware of the scams and would not normally give out important information, the problem is these fraudsters are so credible that many people still fall victim to their scheme. They are not even aware that they have been scammed until it is too late.”
She says it is important to check bank statements regularly and to set limits on all your accounts.
When shopping online, she recommends using only reputable companies who have robust security and authentication policies in place to avoid being scammed.
Dealing with phishing
- Don’t click on links or icons in random emails. Do not even open or reply to these emails. Delete them immediately.
- Type in the URL or full address for your bank in the internet browser if you need to visit your bank’s website. Before logging in, check that the website is secure – look for the s in the https:// part of the address.
- Check that you are on the real site before using any personal information. If you think the site you are visiting might have been compromised, contact your bank immediately – they might need to reverse any strange transactions.
- Create complicated passwords that are not easy to decipher and change them often – at least every three months.
- Do not tell others your passwords. Do not write them out on paper in your wallet.
- Never carry unnecessary personal information in your wallet or purse.
- Never access your banking site on a public Wi-Fi network.
- Don’t give out any personal details to people on the phone. A bank will never phone you to ask for your PIN. Always keep your online banking login and password details confidential.