Criminals have organised themselves to leverage data to defraud victims despite digital banking and related products being far safer than in-person banking, says Nischal Mewalall, the chief executive officer of the South African Banking Risk Information Centre (SABRIC).
Mewalall said that what has made it easier for people to get scammed is that criminals are leveraging data and exploiting the human vulnerability to gain personal or confidential information that eventually enables them to defraud a victim.
Criminals are not successful in committing digital crimes because they are able to hack a product but because they are successful in tricking the human user of the product, said Mewalall.
According to the SABRIC Annual Crime Statistics, there has been a significant increase in the number of cybercrimes with 35,307 incidents across banking apps, mobile banking and online banking in 2020 compared to 26,567 in 2019.
The new trend
SABRIC said they have seen increases in calls from fraudsters impersonating bank officials, this type of fraud is known as “vishing”, where:
- The criminal seeks to have a conversation with the victim posing as a ‘bank official’.
- The criminal then tries to persuade them to give away sensitive information that can be used to defraud the victim.
“This is a very common tactic and SABRIC has seen an increase in this type of crime being committed. If vishing and phishing efforts are successful, it then correlates with the high number of crimes on a bank’s digital platforms, because the fraudster uses the unlawfully obtained data to impersonate the victim and access funds or make purchases in the victim’s name,” said Mewalall.
What you can do
To best protect yourself from banking scams SABRIC urges bank customers to note the following preventative measures:
- Don’t click the link – Banks will never send you a text or email requesting that you click a link, if you receive this type of message, don’t respond – just delete it and call your bank to confirm that it did not come from them.
- Don’t respond – Some scammers use fear-inducing language, pressure or even threaten you into sharing private information, but don’t respond. Instead, call your bank directly to see if it’s a legitimate request or a scam.
- Be aware – Your bank will never ask for your account number, social security number, name, address or password in an email or text message.
- Look out for typos – It’s very common to find typos in a fraudulent text or email. If you find one in the message, you know it’s a scam and be sure to delete it right away.
- End the call – If you receive a phone call requesting confidential or personal information, do not respond and end the call. Banks will never ask you to confirm confidential information over the phone.
- Don’t share – Never share personal and confidential information with strangers over the phone.
- Be careful with OTP’s – If you receive an OTP on your phone without having transacted yourself, it is likely that it is a fraudster who has used your personal information. Do not provide the OTP telephonically to anybody. Contact your bank immediately to alert them to the possibility that your information may have been compromised.
- Be aware of SIM swops – If you lose mobile connectivity under circumstances where you are usually connected, check whether you may have been the victim of a SIM swap.
- Numbers can lie – Be conscious of the fact that criminals can mask their telephone numbers seem as if a legitimate individual or company is making the phone call. SABRIC also encourages people to report the numbers used in vishing scams to their bank immediately, should they receive such a call.