Internet banking remains a safe and secure method of banking, says the SA Banking Risk Information Centre (Sabric), amid wide-spread mass media reports of a spike in Internet fraud.
The Eastern Cape Herald yesterday quoted Port Elizabeth commercial crimes unit head Andre Horak as saying 30 cases of Internet fraud, totalling over R800 000, had been opened in the city since the beginning of February. From the reports, it appears clients had fallen victim to phishing.
"When used correctly and safely, Internet banking offers a safe and convenient method of banking. Customers are encouraged to visit their bank with any queries relating to Internet banking," says Sabric.
First line of defence
Meanwhile, all of SA's major banks have confirmed an increase in phishing attempts.
Pat Pather, Standard Bank's director of group IT, says the bank has been monitoring global trends in identity theft. "Six weeks ago we picked up spam e-mails attempting to recruit mules who would transfer money out of the country, and, based on this pattern, we were on high alert.
"Customers are our first line of defence against these attacks," says Pather, adding that 60% of the problem is behavioural. "People must never share their passwords, and they should always type the URL of the site into their browser. Clicking on a link is just not safe."
Education is key
According to Pather, many customers are responding to education. "In 2005, we would have only had one or two responses from customers relating to phishing sites, now many more customers are reporting the incidents."
"We have seen an increase in attempted phishing and brand abuse, as well as a significant proliferation of spyware on public Internet access points," says Maire Eltringham, Nedbank's head of virtual channels.
First National Bank Online CEO Chris Kotze says phishing scams have more than doubled over the last six months. "We are now seeing at least one attack per day."
However, not all customers read the warnings that are sent to them, says Kotze. "The phishing sites are looking more and more authentic, and many people who have not read the warnings are still being scammed."
Don't give out info
"Banks will not ask you for any personal information via e-mail or over the phone," says Kotze, adding that banks do not actually have anything to do with that information. Standard Bank's Pather adds the bank does not even store customers' PIN information.
"The banks face a never-ending battle to make sure customers are aware of the phishing mails, and to ensure they know how to respond to them," says Christo Vrey, GM of digital channels at Absa.
He adds that the Internet business industry as a whole, and not just the banks, should attempt to prevent customers from being victimised.
ITWeb Security Summit 2007
Taking place from 22 - 25 May 2007 at Vodaworld, ITWeb's Second Annual Security Summit will bring together almost 30 international and local IT and security professionals, practitioners, industry experts and analysts. They will share their experiences, acquire knowledge and gain an understanding of the key tools, techniques and strategies needed to safeguard their organisations' most valuable asset - information. International security guru and author, Bruce Schneier, and creator of the Pretty Good Privacy (PGP) e-mail encryption protocol, Phil Zimmermann, will deliver the opening keynote addresses. More information about the event and delegate bookings is available online at www.securitysummit.co.za or by contacting Denise Breytenbach at (011) 807-3294 or denise@itweb.co.za.
Related stories:
Absa tightens online security
Banking fraud increases
Caf'es create online banking headache
Share