A recent Norton internet security survey reportedly revealed that almost nine million South Africans were victims of cybercrime in the last year. In recent months we have fallen victim to a series of bank scams, ranging from the FNB MTN scam to FNB OTP scam and the Standard Bank credit card scam, to name a few. So how safe are our South African banks?
“The financial services industry continues to be a prime target given the size of the industry and the fact that it is deemed as critical infrastructure. Breaches in FS industry not only return significant ROI’s, but also significant press and notoriety for the successful theft of financial related data (credit card numbers, social security or other government-issued ID information, driver’s license, addresses, etc.) All can be exploited either directly (credit card numbers), or used to create false personas, or for ransom,” states Perry Hutton of Fortinet a company that specialises in cyber security solutions.
The trend of cybercrime and the increase can be compared to the progress made in consumer computing. As the tools become more commoditised, it becomes cheaper and easier for criminals to operate, says Jon Tullett, research manager at IDC Sub-Saharan Africa.
SABRIC agrees and adds: “Criminals exploit technology and use social media platforms together with social engineering tactics, to perpetrate crime. Victims also use social media more to talk about their experiences.”
The common denominator in most of these fraudulent incidents seems to be the use of technology.
“There is a greater awareness for cybercrime, both from the perpetrator and the victim’s perspective. Technology gives perpetrators a far wider reach with the potential of more victims. Having said that, cybersecurity awareness and responsible device management by users, are not only effective but necessary countermeasures. The banking industry invest substantially in security and every effort is made to ensure that products are secure. Security relating to digital banking platforms and products is a high priority,” adds CEO of SABRIC, Kalyani Pillay.
While the onus to protect vital and sensitive information falls on the consumer too, the fact that these big trusted financial institutions, seem to be at the target forefront of fraudulent activity, is concerning to say the least. This especially in an economic climate where people can’t afford to lose hard earned money to cyber criminals that very often are untraceable.
Is it still a good idea to bank with the big four?
Following some security breaches you may be wondering whether the big four have what it takes to ensure such similar incidents do not occur again.
But SABRIC comes to the big four’s defence, “The SA banking industry is extremely well regulated and under continuous supervision. The industry remains committed to combating crime in partnership with stakeholders and their clients. Banks and bank customers globally face numerous risks posed by organised crime and the South African experience is aligned to global trends,” Pillay remarks.
The big four: ABSA, First National Bank (FNB), Nedbank and Standard Bank have all had to implement tighter security measures to reassure customers’ fears.
“Absa acknowledges the impact that these losses have on our customers and we therefore go to great lengths to warn customers through our channels, and provide security tools and information on our website. We find that customers are often unaware of how easy it is for a third party to access their personal details if they are not careful. Notwithstanding all the security features and controls we have in place, we have no choice but to rely on our customers remaining vigilant with their personal information,” says Absa.
Nedbank were similarly of the opinion that digital banking was still the route to go.
“Apart from the tremendous convenience, digital banking is still the safest form of banking provided you choose a financial service provider with state-of-the-art security measures. It is also important that consumers play their part as well, ensuring that their computers are secured by the latest antivirus software and that you follow the necessary precautions you will find on your bank’s website, such as never entering your login credentials on a website whose hyperlink you received via email or other electronic messaging, and being very careful about opening email attachments, even if they seem to come from people you trust,” says Lucas Venter, Nedbank’s senior analytics and forensic technology manager.
However, there is always room for improvement. “The bottom line is the same as always: consumers who take very basic steps to keep themselves secure are at much lower risk than those who don’t; in this respect security is more an education and awareness challenge than a technology problem, and that’s an area where the banks certainly could improve,” Tullett explains.
What are consumers advised to look for when choosing a bank?
Tullett believes that ‘it’s not so much about who you bank with, it’s about your own behaviour.’
“Take whoever you bank with – do you understand what they offer in terms of two-factor authentication? Do you know how to identify a phishing email and verify that a link is valid? Do you know what an ATM card skimmer looks like? Are you alert to criminals’ shoulder-surfing your PIN at a checkout? Certainly, the banks have a key role to play in assisting with security, but they need to help their customers take responsibility, not give it up.”
From a security perspective, it is advisable that you equally ensure that your bank stays up to date with the fraud landscape and innovations. “What worked well last year may not necessarily work well this year,” Venter says.
Another good rule of thumb is to not only look at what the bank can do for you but also look at your financial needs and go from there.
“Security is about behaviour and awareness. There’s room for a lot of improvement all round, and not just by the banks and their customers,” Tullett concludes.
Handy tip: To ensure you are making the best decision for you and saving money with the right bank account, compare bank accounts here.