Johannesburg, 20 Nov 2015
Cyber security expert, Charl Ueckermann, captured the attention of delegates from the financial sector during a cyber security conference, with a fascinating presentation on the simplified life cycle of Internet fraud in banking. Ueckermann is Managing Director of Johannesburg-based IT consultancy, AVeS Cyber Security.
The Cyber Security in Banking Conference was held at the Indaba Hotel, Fourways, Johannesburg, between 21 and 22 October. Dignitaries from around the country attended the two-day seminar designed to increase their awareness of the available security measures in IT security services for the financial sector.
Ueckermann's explanation on how fraudsters target the banks' users to launch attacks and steal money from them drew much attention from the conference attendees. "Their phishing techniques include, among other things, screenshot capturing and mobile phone invasions," he said. "These attacks take place in the background without the user noticing."
According to the South African Banking Risk Information Centre (SABRIC), card-not-present fraud remained the biggest contributor of fraudulent expenditure on South African issued credit cards (75%) in 2015. Internet banking fraud begins with the coder who creates malicious software (malware) and installs a copy of the malware on an unsuspecting user's computer. The program is designed to steal the victim's banking credentials.
Through malware, the hackers gain remote access to a user's compromised computer, can log into the victim's online banking account, and transfer money from the victim's account to money mules, before finally transferring the money to the syndicate. Ueckermann advises: "With targeted attacks becoming more widespread and almost becoming routine, effective security software and patch management is vital in order to reduce online risks."
Share