Most South Africans using online banking facilities are by now aware of the risks of online banking fraud. Banks are continuously upgrading their security measures to protect their clients, and engaging in awareness campaigns to prevent clients from being defrauded online.
“But it only takes one distracted moment to click on a dubious link, and assuming you have this kind of stash, R1 million can disappear within 15 minutes,” says Charl Nel, Capitec Bank’s head of communications.
“South Africans are generally mindful of the risks of using online banking facilities, and our online banking security is known to be among the best in the world. But the big banking fraud syndicates send out emails to millions of unsuspecting bank clients every day, just waiting for that one person they can trick and rob of funds. And it happens, or they wouldn’t continue doing it,” he says.
According to the South African Banking Risk Information Centre (SABRIC) – of which Capitec is a member – the number of investigations related to online bank fraud has decreased to date in 2016 compared to the same period last year. However, the losses (in rands) associated with such fraud has increased significantly. “This is a clear indication that criminals are successfully targeting higher value clients and accounts,” says SABRIC CEO Kalyani Pillay.
Nel says the most common method of online banking fraud is phishing. Criminals lure you to a fake bank website (by enticing you to click on a link), and the personal information you enter on this site is then used by the fraudsters to steal your money on the bank’s real website. “A second method is malware, but this is far less common, since it is a technically rather complicated process. Essentially your computer or mobile device is infected by a virus (usually via email) which steals your personal data.”
He says South Africa is at the forefront of developing cutting-edge methods to limit online banking fraud. Most banks have developed mobile apps featuring multifactor authentication and transaction approvals. Capitec, for example, was the first bank in South Africa to start using Entersekt’s electronic certificate technology, combined with biometric fingerprint security.
“With our app, which is also extremely easy to use and very low on data (free on Vodacom/Cell C and MTN), it is almost impossible to be defrauded as a result of phishing or malware. We also have a dedicated cyber security team constantly on the lookout for new forms of online banking fraud and global trends in cyber security. Capitec is continually introducing new versions of our app, as well as our internet banking facilities, to protect our clients – but because this is all running in the background, you generally won’t be aware of these updated security enhancements.”
SABRIC has offered bank clients the following tips to protect themselves from online banking fraud:
* Ensure that the device you use for internet or mobile device banking has the latest version of antivirus and antispyware software installed.
* Do not do your banking on public or unfamiliar computers.
* Avoid using WiFi hotspots, and ensure your own wireless network is encrypted before performing any banking transactions on your private computer.
* Be suspicious if you receive lots of spam email or SMS messages. It could indicate that your computer or cell phone has been infected.
* Beware of fake anti-virus software that is offered at no charge, as it could contain malware.
