A suspected international crime syndicate is under investigation after Internet banking clients of two of the country's major banks fell victim to identity theft.
Standard Bank and First National Bank (FNB) have admitted their clients have detected suspicious activity in their bank accounts, but it has not been officially confirmed, at this stage, whether the same crime syndicate was responsible for both cases.
Herman Singh, director of technology engineering at Standard Bank, claims a foreign syndicate targeted several of its clients. The syndicate's servers are hosted in Estonia, and it is using South African public PCs to obtain banking details, he explains.
However, neither Standard Bank nor any of its clients have lost any funds, Singh confirms.
"The syndicate is targeting high-traffic, affluent areas," explains Singh. He adds that compromised computers have been discovered in Fourways, Paulshof, Cape Town and at the Johannesburg International Airport.
Similarly, FNB has also experienced recent attacks, but cannot say for sure that the same syndicate is responsible.
Protect clients
"We are currently undertaking an investigation surrounding these issues," says Chris Kotze, CEO of FNB Online. FNB claims to have lost some funds, but Kotze says the bank has been able to retrieve the money in time in most cases.
It is understood this kind of fraud is due to malicious users installing key-logging software on public computers to obtain sensitive information.
"We are aware of this issue, but have not been affected by the recent spate of attacks," says Maire Eltringham, head of virtual channel at Nedbank. "We have additional transaction authorisation security in place that will protect our clients in the event of their PIN and passwords being compromised."
Absa's head of digital channels, Christo Vrey, says that although the bank has experienced two recent attacks where clients' funds (totalling R22 000) were tampered with, it is "incorrect to assume these incidents are linked to a syndicate".
He adds that Absa is conducting its own investigations into this matter, together with the South African Banking Risk Information Centre, the Scorpions and the SAPS.
It is understood the Scorpions have launched a high-level investigation into the activities of the syndicate, which is believed to be foreign.
"It is becoming clear that syndicate attacks are on the increase," says Craig Rosewarne, chairman of the Information Security Group of Africa. "Now more than ever we need to work together."
Share