Fully 19% of South African online banking users have been victims of online fraud such as 419 scams and phishing attacks, up from just 10% a year ago, a new independent research survey shows.
Columinate’s 2014 “Internet Banking SITEisfaction” survey, the third it has conducted, shows, too, that the number of people who have been targeted at some time in the past has risen to 62% from 54% in 2013 and 39% in 2012.
Of concern is that the number of successful attacks using vectors such as key logging, Sim swap fraud, 419 scams and deposit refund scams has spiked higher in the past 12 months.
The 19% figure refers to respondents who have fallen victim to online fraud at any time in the past, not in the past 12 months.
Fully 10% of online banking users now report they have fallen victim to a 419 confidence trick at some point, up from 7% a year ago — an increase of 43%. Seven percent have fallen prey to a deposit refund scam, up from 4% a year ago.
Standard Bank explains that a deposit refund scam is one where criminals contact customers to tell them that an amount of money was “mistakenly” deposited into their account. The perpetrator deposits a fraudulent or stolen cheque into the customer’s account, then calls them and claims that funds were mistakenly deposited. They then ask for that money to be refunded, which the client then loses when the fraudulent deposit is reversed.
Forty-five percent of respondents have been a target of phishing, with 7% falling victim to this form of attack. Phishing involves criminals sending e-mail purportedly from a reputable company in an effort to trick users into revealing personal information like online banking login credentials.
Sim swap fraud has surged in the past 12 months, Columinate’s research shows. Three percent of online banking users have lost money because of this, a staggering 200% increase from a year ago.
Key logging, where malware monitors users’ keystrokes, is also becoming a major problem, with 5% of users falling victim to this fraud, up from 2% a year ago.
Although South African online banking users are aware of at least some of the risks – 81% of aware of phishing scams and 68% know about deposit refund scams – they don’t always follow safe practices, rarely changing their personal details, including their passwords, and failing to check a website’s security certificate.
Pretorius says the variety of financial fraud activities makes it difficult for banks to keep customers educated on how to be vigilant against these attacks.
“Banking customers have to contend with the usual attacks on their accounts such as phishing and deposit refund scams as well as newer attempts like ‘smishing’ (SMS version of phishing) and 419 scams.” — (c) 2014 NewsCentral Media
- See also: Capitec displaces FNB as top online bank