11 tips to avoid falling victim to online fraud
Phishing and vishing are examples of social engineering – the act of manipulating customers into sharing their personal information.
Picture: iStock
The South African Banking Risk Information Centre (Sabric) reported a spike in fraud incidents in 2018, with almost 23,500 cases across banking apps, online banking and mobile banking amounting to about R262.8 million in gross losses.
Historically, the vast majority of complaints received by the Ombudsman for Banking Services were the result of ATM issues.
In recent years, however, online-related complaints were the main headache – with phishing the major underlying cause.
While financial services firms are working around the clock to improve security, fraudsters are continuously devising new plans to circumvent the latest safety measures.
An example of this has been the shift from phishing to vishing.
With phishing, fraudsters impersonate a bank via email and entice the customer to click on links that redirect them to a fraudulent banking site, duping them into sharing their details and robbing them.
With vishing, fraudsters call the customer claiming to be from their bank and ask for account and login details to urgently “stop” a fictitious transaction.
Phishing and vishing are examples of social engineering – the act of manipulating customers into sharing their personal information.
Worryingly, studies suggest that the majority of customers struggle to differentiate between a phishing email and a legitimate email.
According to a recent Global Banking Fraud Survey, social engineering is one of the most significant challenges financial institutions in Europe, the Middle East and Africa face (as it relates to fraud risk).
Since fraud is constantly evolving, it is not possible to provide hard and fast rules as a guarantee against fraud. Yet, there are steps customers can take to protect themselves:
- Do not use an emailed link to access your bank’s online portal, even if it seems legitimate. Always type the relevant URL directly into the internet browser.
- Check that the browser link starts with https – an indication that the website allows secure communication through encryption.
- Install the latest version of your bank’s app.
- Do not provide your “keys to the safe” (card PIN, card CVV, card One Time PIN (OTP), online banking PIN or online banking password) to anyone – your bank will never ask you to confirm your confidential information over the phone.
- If you do have access to a loved one’s PIN or password (which you should not have), never share this via text message or WhatsApp – their phone may have been stolen and you may unwittingly offer their “keys to the safe” to a criminal.
- Don’t approve any requests on your phone or via the app if you haven’t been transacting yourself.
- Register for your bank’s transaction notification service to ensure you know what is happening on your account.
- Add your bank’s fraud hotline number to your contacts so that you have it available if you need to report fraud or to call the bank should you feel suspicious.
- Turn off your Wi-Fi when banking on a public network – it is unsafe.
- If you think your banking profile may have been compromised, report it immediately.
- Choose strong, unique passwords and update them regularly.
Cowyk Fox is the managing executive for Everyday Banking at Absa Retail and Business Bank
For more news your way, download The Citizen’s app for iOS and Android.
For more news your way
Download our app and read this and other great stories on the move. Available for Android and iOS.