How criminals hack your bank account

By Staff Writer
Internet criminal fraud is the fastest growing fraud in the world, according to Carte Blanche. There is always a new SMS scam, or email that comes through, congratulating you on winning thousands of Rands.

But, what about those emails saying you have money owed to you by the tax man? Or that phone call from the bank saying that they need to access your account? Those are scams too, and are ways for criminals to obtain your details, and steal your money.

Below we look at five ways in which a criminal hacks your bank account, and takes your money.

Step 1: The phishing attack

In order to get your banking details, and thus log into your account, the criminal will send a fake email, which will look like it is from the bank, asking you to log in.

Your bank, as they always warn on their internet sites, will never send you an email asking you for your profile number, or password.

Another way in which criminals obtain your login details is through you using computers in public areas (such as Internet cafés) which record sensitive information, keystroke logging software, or malware, which provides criminals access to a victim’s computer.

Therefore, you should always log into your banking profiles on a secured computer. Make sure you have anti-virus software, or some type of internet security on your computer.  

Some banking sites even offer you the option to download the software from their site, in order to keep your information safe.

“Once you have logged in, you can download firewall and anti-virus software directly from our Internet banking site. We will cover the cost of the software for one year, after which you will be responsible for the maintenance fee, should you choose to continue using the software,” said Standard Bank.

The SANS institute, a private American security company, offers some tips on how to spot a phising email:
  • There are misspelled words in the e-mail or it contains poor grammar.
  • The message is asking for personally identifiable information, such as credit card numbers, account numbers, passwords or pins.
  • There are "threats" or alarming statements that create a sense of urgency. For example: "Your account will be locked until we hear from you" or "We have noticed activity on your account from a foreign IP address”.
  • The domain name in the message isn't the one you're used to seeing. It's usually close to the real domain name but not exact.

Step 2: Getting a banking account

In order for these criminals to withdraw the money which they transferred out of your account, they need an active bank account.

They can do this through creating a bank account with fake personal details.

Or, they can also use the existing bank account of an unsuspecting person, to transfer and withdraw the money.

Step 3: SIM swap 

When conducting internet banking, your bank will either send a onetime pin, or a message to your cell phone to make sure that it is you who is conducting the transaction.

“Approving transactions using your cell phone means that you'll never have to enter sensitive information into a computer. This will help prevent you from falling prey to fraudsters and give you peace of mind knowing that your sensitive information will remain just that,” said Nedbank.

Therefore, the criminals would need access to your cell phone in order to complete their crime.

The criminals do this by cloning your SIM card, in order to have the message, or pin sent to them, instead of you. Beware then, of opening strange messages or emails on your phone as this could open your phone up to being cloned.

Step 4: Create beneficiaries for money transfer 

Once the criminals have your banking details, and have cloned your SIM, they can then access your account, and create a new beneficiary with the fake bank account they set up before.
Once they have done that, they can start to transfer the money they want to the beneficiary.

Step 5: Withdraw the money 

The money is then withdrawn from the fake account (which was made as the beneficiary in part 4). Once that is done, the card is destroyed, and the criminals have your money.

Security online is a growing concern, as we are moving into a paperless world. Never share your passwords, or profile numbers with anyone, and make sure to always use a secured, well protected computer when doing your banking online.

If you are unsure about an email, call your bank to ask them about it.

For more information, and for an info graphic on the whole process, MyBroadband has one, click here. 

Recent Articles

Featured When to trade in your old car for a new one

You may have noticed that your car isn’t running as smoothly as it used to. This is particularly concerning if you’re hoping to sell it at a reasonable price, and buy yourself a modern alternative.

3 facts to consider when cancelling your contract

If you’ve ever had a relationship end in a bit of a mess, you’ll know that some people are more difficult to break up with than others. The pain, the push back, the back and forth – it can be a difficult process.

How long does debt reflect on your credit score?

If you’ve ever had debt that you didn’t manage well, you may have wondered how long the debt would remain, or be retained, on your credit score. This is known as a “retention period” and it is governed by the law.


Full Body Massage at Dembalicious Spa

Price: R99
When: Mondays to Sundays
Where: Johannesburg

Two-Course Asian Dining for Two

Price: R269
When: Mondays to Sundays
Where: Cape Town

One-Hour Yacht Cruise with Waterfront Charters

Price: R99
When: Mondays to Sundays
Where: Cape Town

Latest Guide

Guide to debt rehabilitation solutions