The media carries almost daily reports of phishing scams aimed at online banking customers. The fraudsters use elaborate tricks to dupe internet users. However, if you are aware of the methods used to commit online banking fraud, you can adapt and protect yourself when online.
Online banking fraud
Various scams are used to commit online banking fraud. This article gives an overview of the best ways to protect yourself against these scams.
Trojan horses and other similar viruses infect an internet user’s computer system. They work by manipulating the user’s computer so that when a web address is entered, the user is automatically steered towards a fake website. The malicious software even works when the user enters the correct URL.
In this way users can be directed to a fake, yet authentic-looking online banking website, where they then enter their account details.
Equally worrying is the fact that smartphones are just as prone to being attacked by malware.
Partner and German lawyer at the law firm Wilde Beuger Solmecke, Christian Solmecke highlights the problem:
“One of our clients logged in to her online banking whilst at work. She immediately received a message requiring her to re-certify her online banking details. The message required her to enter the make of her mobile phone, the model and her telephone number. She was then informed that she would receive a text message containing a link which she should open in order to obtain and install a new certificate. The supposed certificate the lady was asked to download, was in fact malware which re-directed all incoming texts to the fraudsters. Within two days almost 92,000 euros were transferred out of the lady’s account to unknown accounts.”
Fraudulent SIM cards
When using online banking services, many customers have to use the so-called mTAN-procedure. The procedure ensures that banking transactions can only be completed after a TAN number is entered which the customer receives by text message.
Unfortunately fraudsters are increasingly discovering ways to fool the supposedly secure procedure.
“It even works without the need to install a Trojan on the victim’s mobile phone,” Christian Solmecke explains, “In many cases, the tricksters are able to obtain the telephone number and account details of their victim. They use this data to apply for a new SIM card, which they then use to complete banking transactions to the detriment of the victim. The text messages containing the TAN numbers are sent directly to the fraudsters and without the knowledge of the customer.”
The German telecommunications company, Die Telekom, has reacted to the increased incidences of mobile online banking fraud by tightening its requirements for obtaining a new SIM card.
How can individuals protect themselves?
To protect yourself from such online banking fraud, it is advisable to ensure your computer is protected by a good firewall and an up-to-date anti-virus programme.
It is also advisable to be vigilant as to the regular procedure your bank uses and to be sceptical of websites which look even slightly different.
Also, online banking web addresses always begin with the letters https://. These letters ensure that any data exchange is preceded by an automatic authentication procedure.
The best protection against phishing attacks, however, is to ensure that you never reply to a request by e-mail or text (except in the case of mobile banking) by divulging your pin number or other bank details. Even if a request looks professional, if you are in doubt, you should contact your bank to make sure that the request is from them.
The Federal Office for Information Security recently issued a warning concerning false Facebook pages. Those individuals who use Facebook on their smartphones should therefore be cautious of phishing attacks.
Christian Solmecke concludes, “It is extremely important that internet users are vigilant against online banking fraud. We currently represent around a dozen clients who have fallen victim to phishing attacks. In total almost 300,000 euros have been stolen. If an online banking customer wishes to get their money back, many banks require that they observed all reasonable security measures.”