In 2020 social engineering became a major tool used by fraudsters to steal funds of bank customers and 68 per cent of the banking industry fraud recorded in recent times is being traced to social engineering according to data by the Nigeria Inter Bank Settlement System (NIBSS).
Many bank customers had been tricked into divulging sensitive data to fraudsters and the data were then used to clean up their bank accounts. The criminals had relied on the pandemic and lack of knowledge of workings of cybercrime to defraud unsuspecting bank customers.
Here are things you need to know about cybercrime to protect your funds and bank accounts from fraudsters:
Social Engineering
Social engineering is when fraudsters trick individuals to reveal personal data that could be used to access their bank accounts. These criminals manipulate individuals into giving them passwords or bank information, or access computer to secretly install malicious software that will give them access to passwords and bank information as well as giving them control over the individual’s computer.
Criminals use social engineering tactics because it is usually easier to exploit your natural inclination to trust than it is to discover ways to hack your software. The fraudsters use methods such as phishing (pronounced fishing) and pharming (pronounced farming).
Phishing
Also known as “spoofing,” fraudsters impersonate banks contacting the customers by text message, email or phone. These scams are incredibly effective because fraudsters often use legitimate bank logos to add authenticity to their attack, as well as creating links and email addresses which have been carefully designed to appear genuine, and pass a cursory glance by an unsuspecting victim.
The criminals may call the customer pretending to be from the bank, asking for details such as the numbers on the debit or credit card. They may also ask that the customer give them a code that was sent to the phone of the customer. In most cases, they start off by making the customer panic, saying there had been a suspicious debit request on the account before proceeding to ask for sensitive information such as passwords, date of birth amongst others.
Oftentimes, phishing comes in the form of an email alerting the customer of an impending debit, subscription for an obscure publication, updating account details, blocking of account or deactivation of token. It is always accompanied with a link that takes the unsuspecting customer to a website used in harvesting sensitive information.
Pharming
Although similar to phishing, pharming is more covert in that it clones the IP address of a legitimate website to trick individuals into divulging sensitive information that can be used to clean up their bank accounts. An example is when fraudsters cloned the N-Power website last year to defraud people.
Protecting Yourself
Your bank or card provider such as Mastercard, Verve, Visa or Afrigo will not call, text or email you to ask for sensitive information such as your card details, passwords or internet login details. Your bank will not send you an email with a link. Never open any email unless you know who the sender is. The very act of opening an email can infect your computer with malware. Be skeptical of every email you get, and never click on suspicious links, or download suspicious attachments.
When online, always watch out for the browser URL to ensure that you are on an authentic website and not a fraudulent one especially when you are redirected to a payment gateway. Do not divulge bank details and sensitive information to websites you do not trust.
