How Secure are e-Banking Channels?

Despite the convenience and flexibility offered by electronic banking channels, Obinna Chima wonders if banks are doing enough to protect customers from fraudsters

As Mrs. Bolaji Akinola, a Medical Laboratory Scientist in Lagos was tidying up her desk in order to leave after the day’s work on a Friday evening few weeks ago; little did she know she was going to get the shock of her life.

Akinola, who is the customer of a new generation bank, was surprised; when she got an alert from her bank that her account had been debited. While she was still trying to understand what happened, she got several other notifications showing that her account had been debited due to transactions being initiated somewhere in Akure, Ondo State.

Just like Akinola, a lot of bank customers today are targets of fraudsters. While these criminals have been successful because some Nigerians have fallen prey to their tricks, the issue has continued to raise the question about the safety of various electronic channels being promoted by banks.

Indeed, electronic banking solutions provide bank customers with flexibility, while also generating more revenues in terms of fees and commission to banks.

Banks face a continuing challenge to offer more freedom to customers to perform transactions and manage their finances when and where they want. These days, customers expect their banks to be accessible anytime, anywhere.  

Nonetheless, today, from Lagos to Abuja, Port Harcourt, Enugu, Kano and other cities in Nigeria, bank customers are faced with the burden of differentiating between genuine mails and mails on the status of their account purportedly sent to them by their banks.

Specifically, these fraudulent mails mostly request customers to upgrade their accounts, usually request that unsuspecting members of the banking community click on a particular section to “upgrade your internet banking account on our safer platform.”

The e-mail also suggest that a customer will lose his account or have information deleted if he does not respond. Sometimes, it will include links to websites, which should never be visited.
In addition, some of the impostors also request for customers’ account information, transaction history, and mobile phone details, amongst others.

“I get mails on account upgrade from so many banks daily. Initially, they started by send mails to upgrade my First Bank account, which I don’t have. Later I started getting mails to upgrade my Zenith Bank, Fidelity, UBA and GTBank,” a visibly angry bank customer who preferred to remain anonymous said.

According to experts, other threats to electronic payment platforms include the spread of virus and dangerous malware, hackers systems and network penetration, insiders systems abuse and fraud, contractors information theft and fraud, insider – outsider collaboration, theft of confidential information, phishing attack and increased  risk of e-channel transaction repudiation by fraudulent minded customers.
An e-banking experts in one of the new generation banks disclosed that the prime time for e-banking fraudsters is mostly Friday evenings between 6pm and 7pm.

“That is when they usually strike, particularly on festive period,” the source who pleaded to remain anonymous stated.

Scam Mails
Disturbed by the strategy of fraudsters, banks have continued to sensitise their customers by consistently giving out tips on how to detect scam mails to their customers.
For instance, some of the ways of detecting a fake e-mail include poor grammar, request for personal information and wrong address by the sender.

Often, such e-mails are from an address that does not belong to the bank in question.
In addition, customers must also understand that usually, a bank has a personalised e-mail address and the fraudsters usually request for password or account number, which no bank would ask for.

Also, the criminals set up several fictitious websites and also go the extent of putting telephone calls to unsuspecting members of the public by impersonating directors or staff members of banks, claiming to: have access to huge US dollar deposits in the bank held in the names of deceased persons, huge US dollar contract sums due for payment and to offer employment in the bank on outrageous terms and conditions.

But SafeNet noted that authoritatively establishing the identity of the user initiating the transaction is a critical first step in securing e-banking.

“Financial institutions have to battle cyber criminals in order to prevent breaches and guard against fraud. Over the years, the technologies employed to secure e-banking have advanced, but so too have the attacks and the attackers,” it noted.

Culled from: http://www.thisdaylive.com