Tag: banking

FNB backtracks on password decision

FNB recently announced a new online banking policy which prevented users from saving their passwords to their browsers.

However, the bank received a backlash from techsavvy users, who pointed out that using software to bypass this feature would create more vulnerability.

FNB head of digital banking Giuseppe Virgillito told MyBroadband that the bank had taken note of social media feedback.

“FNB recognises the valuable feedback from our customers regarding the measures to prevent auto-filling of banking passwords,” Virgillito said.

“We have found that a number of our customers save their banking passwords to their browsers. This places customers with stolen or unattended devices at considerable risk.

“As a consequence, we strongly discourage customers from storing their banking passwords in their browsers.

“The use of this type of software for your banking is strongly discouraged as it places the user at a high risk of introducing malicious software onto their device.

“Alternatively, it also places users at an increased risk of phishing. As a consequence, hereof, we have decided to revisit the decision to prevent auto-filling of passwords at this time,” Virgillito said.

FNB users should now be able to log in to their online banking as normal, using password managers or auto-fill passwords.

First National Bank (FNB) has announced that users will no longer be able to save their online banking passwords in their browsers.

Going forward, whenever a user wants to log into their account they will have to do so manually.

This forces users to keep their banking passwords secure.

“All stored passwords on your device can be viewed during a malware attack. Passwords can be easily accessed on your unattended/unlocked/stolen device,” FNB stated in a MyBroadband article.

FNB advises that users do the following to keep their passwords safe:

  • Do not share login details with anyone
  • Always use a different password for different websites. Avoid using the same one over and over
  • Report any fraudulent activity immediately to the FNB Fraud Centre: 087 575 9444
  • This change may interfere with various third-party password lockers such as LastPass

Watch out for these common banking crimes

SABRIC, the South African Banking Risk Information Centre, on behalf of the banking industry has released its annual crime stats for 2018.

“We are concerned about some of the increases, which clearly reflect that criminals will take every opportunity to get their hands on bank customers’ money,” says SABRIC CEO, Kalyani Pillay.

Combined gross card fraud losses on South African issued cards saw an 18% increase from 2017 to 2018, totalling R873 394 351, with credit card fraud increasing by 18.4% and debit card fraud increasing by 17.5%.

Card Not Present (CNP) fraud on South African issued credit cards remained the leading contributor to gross fraud losses in the country, accounting for 79.5% of all losses. CNP debit card fraud showed the greatest increase in losses at 62.3%, due to the enablement of Card Not Present transactions on debit cards.

“We have seen a sharp increase in Vishing incidents, where criminals phone bank customers, lead them to believe that they are speaking to the bank or a legitimate service provider and use social engineering tactics to manipulate them into disclosing their confidential bank card details, as well as other personal information. “A bank will never call you to ask for this information. If you receive such a call, put the phone down immediately,” says Pillay.

In 2018, Lost and/or Stolen debit card fraud amounted to 42.5% of all debit card fraud and bank customers continue to fall victim to fraud at ATM’s while transacting. Criminals approach victims under the pretext of being helpful, and in many instances even pose as a bank official. They then steal the victim’s banks card and shoulder surf to obtain the PIN. SABRIC therefore urges bank clients to never accept assistance from anyone at an ATM, no matter how friendly or helpful they may appear.

In 2018, 23 466 incidents across banking apps, online banking and mobile banking amounted to R262 826 888 in gross losses. It is concerning that incidents across these platforms increased by 75,3%. Mobile banking incidents showed an increase of 100%, with gross losses of R28 941 040, while online banking incidents showed an increase of 37.5% with gross losses of R129 002 523. Banking app incidents increased by 55.4%, with gross losses of R104 883 325 for the same period. SIM swops in the Mobile Banking space saw an increase of over 200% to 11077 incidents.

Criminals are very adept at understanding psychology and will use social engineering tactics to exploit any human vulnerability to harvest confidential information like a PIN or a password in order to steal cash. When it comes to online banking, beware of Phishing emails that request that you click on a link. The link directs you to a “spoofed” website designed to obtain, verify or update contact details or other sensitive financial information. “Never click on links in unsolicited emails!” says Pillay.

We are pleased that Cash in transit (CIT) robberies decreased by 22% from 376 to 292 incidents from 2017 to 2018. Cash losses here also showed a decrease of 22% for the same period. SABRIC will continue to work closely with law enforcement and other partners to address the scourge and ensure further declines.

“To have any significant impact on the fight against all of these crimes, the collective efforts of banks, bank customers and law enforcement are imperative,” says Pillay.

SABRIC urges you to be your money’s best protection by following these tips:

Tips when using ATMs

· If you think the ATM is faulty cancel the transaction IMMEDIATELY, report the fault to your Bank and transact at another ATM.

· Avoid ATMs that are dimly lit or surrounded by loiterers, and never allow your children to draw money using your card, since they’re the most vulnerable to perpetrators.

· Have your card ready in your hand before you approach the ATM to avoid opening your purse, bag or wallet while in the queue.

· Be cautious of strangers offering to help as they could be trying to distract you to get your card or PIN.

· Follow the instructions on the ATM screen carefully.

· ONLY punch in your PIN once prompted by the ATM.

· Report suspicious items or people around ATMs to the Bank.

· Choose familiar and well-lit ATMs where you are visible and safe.

· Report any concerns regarding the ATM to the Bank. Toll free numbers are displayed on all ATMs.

· Be alert to your surroundings. Do not use the ATM if there are loiterers or suspicious people in the vicinity. Also take note that fraudsters are often well dressed, well-spoken and respectable looking individuals.

· If you are disturbed or interfered with, whilst transacting at the ATM, your card may be skimmed, by being removed and replaced back into the ATM without your knowledge. Cancel the transaction immediately and report the incident using your Bank’s Stop Card Toll free number which is displayed on all ATMs, as well as on the back of your Bank card.

· Should you have been disturbed whilst transacting, immediately change your PIN or stop the card, to protect yourself from any illegal transactions occurring on your account.

· Know what your ATM looks like so that you can identify any foreign objects attached to it.

· Do not ask anyone to assist you at the ATM, not even the security guarding the ATM or a Bank official. Rather go inside the Bank for help.

· Never force your card into the slot as it might have been tampered with.

· Do not insert your card if the screen layout is not familiar to you and looks like the machine has been tampered with.

· Don’t use ATMs where the card slot, keypad or screen has been tampered with. It could be an attempt to get hold of your card.

· Your PIN is your personal key to secure banking and it is crucial to keep it confidential.

· Memorise your PIN, never write it down or share it with anyone, not even with your family member or a Bank official.

· Choose a PIN that will not be easily guessed. Do not use your date of birth as a PIN.

· Cover your PIN when punching the numbers even when alone at the ATM as some criminals may place secret cameras to observe your PIN.

· Don’t let anyone stand too close to you to keep both your card and PIN safe.

· Some fraudsters wait until you’ve drawn your cash to take advantage. Be wary of people loitering around the ATM and ensure that you are not followed.

· Take your time to complete your transaction and secure your card and your cash in your wallet, handbag or pocket before leaving the ATM.

· Set a daily withdrawal limit that suits your needs (the default amount is set at R1000.00), to protect yourself in an event that your card and PIN are compromised.

· Check your balance regularly and report discrepancies to your Bank IMMEDIATELY.

· Avoid withdrawing cash to pay for goods/services as your Debit Card can be used for these transactions. You can use your Debit Card wherever the Maestro/Visa Electron logo is displayed.

After you have completed your transaction successfully, leave the ATM area immediately. Be cautious of strangers requesting you to return to the ATM to finalise/close the transaction because they are unable to transact. Skimming may occur during this request.
Prioritise the setting of daily withdrawal and transaction limits.
Set a daily ATM withdrawal limit that suits your needs.
Transaction limits should also be in line with daily spending.
Set limits on international transaction expenditure.
Inter account transfer limits should also be managed wisely.

Tips to prevent phishing and vishing

Phishing:

· Do not click on links or icons in unsolicited e-mails.

· Do not reply to these e-mails. Delete them immediately.

· Do not believe the content of unsolicited e-mails blindly. If you are worried about what is alleged, use your own contact details to contact the sender to confirm.

· Type in the URL (uniform resource locator or domain names) for your bank in the internet browser if you need to access your bank’s webpage.

· Check that you are on the real site before using any personal information.

· If you think that you might have been compromised, contact your bank immediately.

· Create complicated passwords that are not easy to decipher and change them often.

Vishing:

· Banks will never ask you to confirm your confidential information over the phone.

· If you receive a phone call requesting confidential or personal information, do not respond and end the call.

· If you receive an OTP on your phone without having transacted yourself, it was likely prompted by a fraudster using your personal information. Do not provide the OTP telephonically to anybody. Contact your bank immediately to alert them to the possibility that your information may have been compromised.

· If you lose mobile connectivity under circumstances where you are usually connected, check whether you may have been the victim of a SIM swop.

Tips for carrying cash safely

Tips for Individuals

· Carry as little cash as possible.

· Consider the convenience of paying your accounts electronically (consult your bank to find out about other available options).

· Consider making use of cell phone banking or internet transfers or ATMs to do your banking.

· Never make your bank visits public, even to people close to you.

Tips for Businesses

· Vary the days and times on which you deposit cash.

· Never make your bank visits public, even to people close to you.

· Do not openly display the money you are depositing while you are standing in the bank queue.

· Avoid carrying moneybags, briefcases or openly displaying your deposit receipt book.

· It is advisable to identify another branch nearby you that you can visit to ensure that your banking pattern is not easily recognisable or detected.

· If the amount of cash you are regularly depositing is increasing as your business grows, consider using the services of a cash management company.

· Refrain from giving wages to your contract or casual labourers in full view of the public; rather make use of wage accounts that can be provided by your bank.

· Consider arranging for electronic transfers of wages to contract or casual labourers’ personal bank accounts.

Tips for Stokvel Groupings

· Refrain from making cash deposits of club members’ contributions on high-risk days (e.g. Monday after month end).

· Ensure persons depositing club cash contributions or making withdrawals are accompanied by another club member.

· A stokvel savings club or burial society can arrange for members to deposit cash directly into the club’s account instead of collecting cash contributions.

· Arrange for the club’s pay out to be electronically transferred into each club member’s personal account or accounts of their choice.

· Take another person with when going to deposit club cash contributions

Tips for protecting your personal information

· Don’t use the same username and password for access to banking and social media platforms.

· Avoid sharing or having joint social media accounts.

· Be cautious about what you share on social media.

· Activate your security settings which restrict access to your personal information.

· Don’t carry unnecessary personal information in your wallet or purse.

· Don’t disclose personal information such as passwords and PINs when asked to do so by anyone via telephone, fax or even email.

· Don’t write down PINs and passwords and avoid obvious choices like birth dates and first names.

· Don’t use any Personal Identifiable Information (PII) as a password, user ID or personal identification number (PIN).

· Don’t use Internet Cafes or unsecure terminals (hotels, conference centers etc.) to do your banking.

· Use strong passwords for all your accounts.

· Change your password regularly and never share them with anyone else.

· Store personal and financial documentation safely. Always lock it away.

· Keep PIN numbers and passwords confidential.

· Verify all requests for personal information and only provide it when there is a legitimate reason to do so.

· To prevent your ID being used to commit fraud if it is ever lost or stolen, alert the SA Fraud Prevention Service immediately on 0860 101 248 or at www.safps.org.za.

· Ensure that you have a robust firewall and install antivirus software to prevent a computer virus sending out personal information from your computer.

· When destroying personal information, either shred or burn it (do not tear or put it in a garbage or recycling bag).

· Should your ID or driver’s license be stolen report it to SAPS immediately.

Tips for protecting yourself against SIM Swops

· If reception on your cell phone is lost, immediately check what the problem could be, as you could have been a victim of an illegal SIM swop on your number. If confirmed, notify your bank immediately.

· Inform your Bank should your cell phone number changes so that your cell phone notification contact number is updated on its systems.

· Register for your Bank’s cell phone notification service and receive electronic messages relating to activities or transactions on your accounts as and when they occur.

· Regularly verify whether the details received from cell phone notifications are correct and according to the recent activity on your account. Should any detail appear suspicious immediately contact your Bank and report all log-on notification that are unknown to you.

· Memorise your PIN and passwords, never write them down or share them, not even with a bank official.

· Make sure your PIN and passwords cannot be seen when you enter them.

· If you think your PIN and/or password has been compromised, change it immediately either online or at your nearest branch.

· Choose an unusual PIN and password that are hard to guess and change them often.

Do credit card fees go beyond the law?

Source: Supermarket & Retailer

The National Credit Act (NCA) prohibits a credit provider from charging any fees or charges not listed in section 101 of the act. One of the permitted charges is a “service fee”. Regulations under the act cap this fee at R60 a month, unless an exemption applies.

So, is it legal for banks to charge credit card account holders a “card fee” or a “credit facility fee” over and above a monthly service fee? If not, why has the National Credit Regulator (NCR) done nothing to stop banks from doing so?

At the beginning of last year, Standard Bank started levying a “card fee” on anyone who has a standalone credit card, which is one that is not offered as part of an account with a bundle of transactions for a set fee.

The bank said the fee was to cover the costs of “the administration and maintenance of all the value-added services and features” associated with the credit card.

At the time, Nthupang Magolego, a senior legal adviser at the NCR, said the act provided a “closed list” of fees that a credit provider was allowed to charge under a credit agreement, and a card fee was not one of them.

She said the regulator would “investigate and take appropriate action” if an illegal fee was being charged.

More than a year later, the regulator will not say whether or not it investigated the issue. It has ignored requests for comment.

All of the big five banks are now charging either a card fee or a credit facility fee on some or all of their credit cards.

Ethel Nyembe, the head of card issuing at Standard Bank, also wouldn’t answer questions relating to an investigation by the regulator into the bank’s credit card fees.

Credit cards provide access to certain lifestyle offerings such as access to airport lounges and cinemas.

Customers who don’t want these benefits can use alternative credit offerings such as personal loans, overdrafts and certain credit cards from which such offerings are removed, says Nyembe.

Cilliers Kriel, CEO of the credit card division at FNB, says the bank’s credit card is more than a credit facility. It’s also a “financial services product”.

“The credit card account is a financial services product as defined in the Financial Advisory and Intermediary Services Act which can be used to make deposits, withdrawals, earn credit interest, make payments either by swiping at merchants or by debit order.

“The credit facility gives the customer the option to borrow, up to an agreed limit . The credit facility is attached to and maintained in association with the credit card account.”

Absa and Nedbank also separate the charges on the card account from those charged for a credit facility.

The NCA permits a credit provider to charge fees relating to the financial services agreement or account beyond those listed in the act for a credit agreement, says Kriel.

But Trudie Broekmann, an attorney who specialises in consumer law, says the act does not define a “financial services account”, so it’s not clear what the lawmakers intended by this.

Only if they intended to include a credit card account in the definition can the banks rely on the exemption and charge more than the R60-a-month service fee, she says.

In her opinion, the section of the act that treats the credit facility and the financial services account as separate components was drafted with an overdraft facility linked to a cheque or current account in mind. With an overdraft facility, it’s clear the credit facility (the overdraft) is secondary to the financial services account (the cheque/current account) and so regarding the two as separate components does not appear to be misplaced, she says.

“In the case of a credit card account, however, the credit facility and the financial services account are one and the same and it seems artificial to regard the account and the facility as separate components subject to separate service charges.”

No-one opens a credit card account without a credit facility and the primary function of a credit card account is to provide access to the credit facility, she says.

Treating them as separate components and charging you for each is like a supermarket charging you separately for an egg shell, egg white and egg yolk, she says.

Broekmann says it can be argued that the banks are in breach of the act when they charge you more than R60 a month on your credit card.

“This contention should be tested and I would be eager to represent a group of credit card holders . in taking the complaint to the National Consumer Tribunal to reach clarity on this aspect.”

By Shanice Naidoo for IOL

A Bloubergstrand man had his Absa business account swindled out of R3.1 million while he was in Miami for two months.
Feruccio Ferucci left Cape Town in October without suspecting that his banking information had been stolen.

Around the end of October, his Vodacom SIM card stopped working as well as his internet banking. Growing suspicious, he contacted his daughter in Cape Town to find out from Vodacom what had happened. They informed her that a SIM swap had been done.

“I did not authorise the SIM swap. My phone stopped working for about three weeks and then started working again.

“I haven’t heard anything from Vodacom telling me what happened because my phone just started working again three weeks later,” said Ferucci.

When he returned on December 2, he was shocked to find out from his staff about transactions which were not approved by them at his business in Paarl or by himself. These were fraudulent transactions which had gone off the business account during two of the weeks which his phone had not been working equating to R3.1m.

“These transactions were around R300 000 each and there were about ten transactions. I then contacted my attorney and he referred me another attorney who specialises in this type of crime. I then wrote a protest letter to Absa threatening to close my account with them and my money was refunded around December 23,” said Ferucci.

On speaking to the new attorney, he was told that this was often done to people who are overseas because perpetrators assume one would not check their phone regularly.

“The attorney told me that 90% of the cases he deals with involved people who went overseas. There is no doubt in my mind that what happened to me was promoted by employees of both Vodacom and Absa.

“They probably didn’t steal the money but they probably sell the information,” said Ferucci.

Both Absa and Vodacom have said they are investigating the matter.

IRS Forensic Investigations, which investigates financial, organised and cyber crimes director Chad Thomas said sim swaps are a major issue, with some victims reporting that they have become victims of crime while their phones have been off while they have been travelling long distances.

However, the breach of personal data, including credit card numbers is not just confined to individual hacks via trojans or malware but is also as a result of highly sophisticated cyber attacks on data stored by corporates.

“People need to take cognisance of the fact that a sufficiently determined and capable hacker can take over someone’s online footprint if the correct measures are not taken to protect their information. However, it is not just the individual that needs to take precautions, but also corporates that are storing client’s information and have a responsibility to safeguard that information,” said Thomas.

Source: MyBroadband

If your bank card gets stolen and you cancel it, this does not automatically mean that all payments from it will be blocked.

This was the case when two FNB customers contacted MyBroadband about their frustrating experiences with the bank.

The customers both had their FNB bank cards stolen in different scenarios – and both contacted FNB to have their cards cancelled.

Despite cancelling the cards, both users noted small payments still going off their bank accounts via card transactions.

The charges were toll gate fees.

In one case, the customer reportedly asked FNB why the cancelled card could still make transactions. He said he was told by FNB that he would have to blacklist the card, on top of cancelling it, to stop the transactions.

In the other case, the customer stated that all he could do was get a refund for the toll gate fees.

This customer subsequently contacted the toll gates where his card was being used to ask them to block transactions on it.

He also managed to obtain an image of the vehicle using his stolen card – it was a white Toyota minibus taxi with a Gauteng registration.

FNB responds
MyBroadband contacted FNB for feedback on the matter, and the bank confirmed that the bank cards were cancelled as described above.

“Unfortunately, due to toll gate merchants operating in an offline environment, this prevents them from obtaining authorisation from the bank for transactions of this nature. As a result, additional transactions were posted,” said FNB.

“The customer will not incur any loss resulting from fraud in this scenario.”

FNB was asked what a bank customer should do to ensure their cancelled card is not used to make these types of transactions, but the bank did not provide feedback.

Offline transactions
According to PASA (Payments Association of South Africa) documents, lost and stolen card fraud at toll gates has been highlighted as a significant concern in recent years.

“Although toll card transactions are a card present transaction, fast throughput of vehicles is important and transactions are thus processed in an offline and delayed manner – cleared in batch,” states PASA.

“Importantly, unlike any other offline card present card transactions, toll gate transactions are not verified by the cardholder in any way.”

It added that while toll gate transactions are checked against the “Hot Card” file, this “only contains a limited number of all lost and stolen card details”.

Banking complaints rise by 35%

By Robert Laing for Business Day 

The number of complaints from banking customers grew by an “unprecedented” 35% to 7 056 formal cases opened by the industry’s ombudsman in 2017, from the prior year.

Cases involving internet banking fraud overtook ATM complaints, banking ombudsman Reana Steyn said in the office’s annual report released on Wednesday.

Steyn said 22% of all banking disputes related to online banking, and “phishing” — a fraud scheme whereby consumers are duped into disclosing their login and password details via e-mails purporting to come from the bank — accounted for 77% of these.

“The category that previously topped the list, ATM complaints, were second highest at 18%, down 10% from the previous year, which is good news,” Steyn said.

The Ombudsman for Banking Services (OBS) is a voluntary dispute resolution service funded by the industry to offer consumers a way to escalate complaints without employing lawyers.

“It is unfortunate that consumers who are unsuccessful with their complaints levy the criticism of bias against the ombuds office. Our office works very hard to uphold high standards in adjudication and in applying the law to the fact of the case,” she said.

“The office found in favour of complainants in 27% of the cases, indicating that most matters capable of early resolution were resolved at the bank. While the number may appear low, it is in line with international experience at other ombuds offices.” People unhappy with their bank are encouraged to take their dispute to the OBS if their complaint has not been handled within 20 working days.

By Thandi Skade for Destiny Connect

FNB has announced the launch eWallet eXtra, a mobile offering that enables unbanked South Africans to open a bank account remotely via their cellphones.

The service, which is scheduled for launch in June, will enable consumers to open a bank account without ever having to walk into a branch and without having to submit any paperwork.

The entire process of opening an account is done digitally and the only details you would have to input on your phone is your name, surname and ID number.

“eWallet eXtra will enable users to send or receive deposits from individuals and other banks, store funds for an unlimited period, pay accounts and also buy prepaid products like airtime, data and electricity. Users can also on send to other recipients and withdraw at any FNB ATM or at tills across participating Spar stores, which also allow for over-the-counter purchases. The daily spend limit is R3 000,” says Gugu Zikhali, FNB Head of Transaction Products: Mass Market.

Account holders will also be able to check their bank account balance and transaction history and similar to any bank account, you’ll need to generate a PIN in order to access the account.

The idea was born out of the need to bring the gap between banked and unbanked consumers, while also servicing the needs of irregular income earners like season workers who don’t always necessarily need all the services offered with a traditional bank account.

“This is why we have integrated some eWallet functionality into the eWallet eXtra mobile bank account. After an in-depth assessment of eWallet user patterns, we realised that in excess of one million users have been effectively using it as a bank account despite the fact that the solution was designed as a remittance service,” says Pieter Woodhatch, FNB Easy CEO.

There are no monthly banking fees attached to eWallet eXtra and it doesn’t accept debit orders.

“We believe that eWallet eXtra is the ideal solution to address this important gap and based on the analysis of our customer base and research on financial inclusion, we estimate the size of this market to be in excess of 11 million,” he adds.

You need to be over the age of 16 to use the offering.

Image credit: Memeburn

Viceroy not backing down on Capitec report

Shortseller Viceroy Research has insisted the Reserve Bank should not rely on Capitec’s financial statements and should place it into curatorship.

On Monday, the shortseller released its long-awaited statement in response to the Reserve Bank’s statement of support for Capitec in which the Bank assured the market that Capitec was “solvent, well capitalised and had adequate liquidity”.

The Reserve Bank made this statement after Viceroy claimed last week that Capitec was understating losses and on the brink of insolvency.

“We understand that the [Reserve Bank] has not yet performed an adequate regulatory inspection of Capitec and expect they will do so in due course.

“For the moment Viceroy will respond to [the Reserve Bank], limiting themselves to information contained in the most recent Capitec annual report,” Viceroy said.

But sources in the banking sector said the Reserve Bank’s bank supervision department did not rely on annual reports or results. In terms of the Banks Act, all registered banks and representative offices are required to file financial and risk information regularly with the department.

“Monthly BA [Banks Act] reporting takes place using various BA returns for finance and risk, on either 15, 20 or 30 days,” said Jaco van Wyk, head of group finance at FirstRand. “These returns are not public.”

The Reserve Bank does publish the BA900 form, an itemised balance sheet.

The Reserve Bank was “fully aware of the credit-scoring models and the risk targets that we set when we extend credit”, Capitec said.

In its statement, Viceroy said Capitec’s mechanism of underrepresenting losses was to “pretend” that uncollectable loans of at least R10bn were collectable and accruing interest.

Most of these were in longer-term categories stretching up to 84 months, it said.

Using Capitec’s gross cumulative loss curve for 61-to 84-month loans granted in different quarters, Viceroy concluded that losses on these loans were roughly 1.5% a year, a figure which Viceroy described as “astonishingly low”.

But Capitec said only 7.3% of its credit clients qualified for loans longer than 60 months.

“Viceroy infers that it is impossible for the average American credit-card holder to have similar credit risk as the top 7% of Capitec’s clients.

“We have extensive history and sophisticated models to support our results,” the bank said on Monday.

The actual arrears on 84-month loans was 3.1%, not the 1.3% cited by Viceroy.

Capitec also addressed the main issues raised in the initial Viceroy report in more detail on Monday.

Viceroy had not taken into account its conservative write-off policy relative to its peers, nor had it distinguished between consolidated and rescheduled loans, it said.

By Moyagabo Maake and Hanna Ziady for Business Day

A new banking scam whereby fraudsters remotely take control of your PC over the Internet to gain access to consumer’s online banking profile is currently doing the rounds.

This is according to First National Bank (FNB), which alerted consumers about the latest festive season scam.

In a statement, FNB says fraudsters are sending unsuspecting consumers fake emails notifying them that fraud has occurred on their respective bank accounts’ or credit cards.

Soon after the email is sent the customer receives a call from a fraudster claiming to be from their bank and offers to help block any fraudulent transactions by first requesting the customer to install “protection” software on their computer, which allows the fraudster to gain full control of the computer remotely.

Kovelin Naidoo, cyber security officer at FNB, says fraudsters are employing carefully constructed scamming tactics that have the ability to trick even the most vigilant customer if they are not aware of the modus operandi.

“If someone calls you and requests your personal banking details or to install remote access software on your computer, please end the phone call and contact your banks’ fraud contact centre. FNB will never ask you to share your OTP to reverse pending transactions or to block your banking profile,” cautions Naidoo.

He adds: “As access to banking services through digital channels continues to grow, so does the prevalence of banking scams, therefore we urge consumers to always be vigilant and familiarise themselves with the different types of digital banking fraud, as well as the security measures provided by their respective banks.”

How fraudsters use the software to defraud consumers:

  • The fraudster calls the customer and offers to help them block any fraudulent transaction by asking him/her to download and install “protective” PC software.
  • The customer downloads the software, and with the help of the fraudster, installs it.
  • Once the software is installed, the fraudster asks the customer to log into his/her personal online banking profile.
  • After logging in, the customer’s computer goes blank. Shortly afterwards, he/she starts receiving OTP (one-time pin) SMS’ to confirm transactions he/she did not perform.
  • The fraudster then reassures the customer that these are fraudulent transactions and requests that he/she forwards the OTPs so that they can be blocked or reversed immediately.
  • The fraudster then uses the OTPs forwarded to him/her to process the pending transactions and defrauds the customer.

Source: IT Web

  • 1
  • 2

Follow us on social media: 

               

View our magazine archives: 

                       


My Office News Ⓒ 2017 - Designed by A Collective


SUBSCRIBE TO OUR NEWSLETTER
Top