Scam emails have been circulating the Internet for sometime now, attempting to trick people into entering their bank account login details into a fake version of their financial institution’s website. This criminal activity is known in Internet security circles as Phishing. To drive-home the point, I am quoting Wikipedia‘s accurate description of Phishing:
In computing, phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. eBay, PayPal and online banks are common targets. Phishing is typically carried out by email or instant messaging, and often directs users to enter details at a website, although phone contact has also been used.
These scammers target e-gold, Moneybookers, Paypal, Graphcard and other online wallet users, with genuine-looking email with the aim of tricking them into giving-up their login details. Armed with these login details, they then log into the account and transfer the money out or use it for shopping online – effectively stealing the funds. They sometimes wreak further havoc by changing the login details thereby locking-out account the account owner, albeit pending how fast he/she can report to his/her financial institution.
Now, these scams are not new, nor are they peculiar to Nigeria. According to Wikipedia again:
[…]It is estimated that between May 2004 and May 2005, approximately 1.2 million computer users in the United States suffered losses caused by phishing, totaling approximately US$929 million. United States businesses lose an estimated US$2 billion per year as their clients become victims. In the United Kingdom losses from web banking fraud—mostly from phishing—almost doubled to £23.2m in 2005, from £12.2m in 2004, while 1 in 20 computer users claimed to have lost out to phishing in 2005.[…]
These scams have been gathering steam in Nigeria in recent years. This is as a result of the fact that more and more bank customers in Nigeria are now using Internet Banking. Even more people use their ATM cards to withdraw money from ATMs or pay for goods/services at Point-Of-Sale (POS) terminals or Internet websites. I blogged about Beware of fake Interswitch emails recently, highlighting the increase in phishing emails that are trying to scam Nigerian ATM/Debit card users.
The crux of the matter today is that, my bank in Nigeria, apparently overwhelmed by the high incidence of fraud, disabled Internet funds transfer this morning for all Internet Banking users. Need I go into the gross inconvenience this would cause me and other customers of the bank who are using Internet Banking? A call to their customer service department revealed that I had to report at my branch, to pick an Internet Banking form again. I told the customer service representative that I was not in Nigeria right now but she insisted I would have to do that whenever I am in Nigeria. Phew!
This bank didn’t even deem it fit to inform me via email about this latest development. I had to find-out myself when I needed to transfer some Naira online.
I completely disagree with this new move by the bank. Though Internet Banking fraud cannot be completely eradicated, it can be reduced to the barest minimum. There are ways and means to achieve this. My next blog post would highlight some of them.
As far as I am concerned, this really demonstrates the height of GTB’s insensitivity towards the plight of its customers. How could a bank carry out such an extensive measure without informing its clients before hand?
This only goes a long way to exhibit the incompetence of their IT department. One does not need a rocket scientist to tell that the spike in their online banking fraud was entirely of their own gaffe. How could you make a sensitive service like internet banking an all comer’s affair?
The bank should have printed a familiarization booklet for new internet banking customers, with security tips on how best to use the feature securely. Most GTB customers don’t even know that it is very risky to access their online banking account from a public computer.
😀 😀 😀
Kayode, Are you a GTB customer yourself?
After reading your entry, I logged into GTBank online banking and – there it was, 3rd Party Transfers had been disabled. Nonsense.
Kayode is right. In addition to his point, there was no security measure on the 3rd Party transfer thing till just last week, when the secret question requirement was introduced.
These guys have just disappointed me.
I was at GTBank too this afternoon, and was told that the 3rd party transfer facility wasn’t being provided till further notice because of fraud.
Meanwhile, the queues at the ATMs are growing alarmingly.
Oh well! Nigeria, we hail thee.
I was at my GTB Branch today. The lady in charge of Internet Banking was completely oblivious of what I was talking about. She thought I simply wanted to subscribe to the Internet Banking facility. I then took time to explain to her that GTconnect instructed me to visit my branch with a passport photograph and fill a certain form, to have my fund transfer feature restored. She picked up the phone to call a colleague for information on this strange development.
When she was through with the call, she informed me that the decision to suspend the feature is indefinite. So I must have been sent on a wild goose chase by GTconnect, I pondered.
Now, GTB has limited Internet Banking to checking of account statement and balance. This must be a major setback for those who have built their lives and businesses around this service. No wonder the Holy Scripture says “Woe unto he that puts his trust in the arm of flesh”.
I have been a GTB customer for over 4 years. Before they commenced full fledged online transfers, there was the Pre-register Transfer option. This was very secure as you will have to visit your branch physically and provide a list of GT Bank accounts that you desire to transfer funds to, so the issue of hacking accounts did not arise them. Transfer was only limited to your pre-registered accounts.
I wonder why they can’t reintroduce this feature.
No wonder GTB refused to activate my GTconnect when I made the request about 2 or 3 weeks ago. I actually wanted it because of the 3rd party transfer facility. I guess I have to stick to the traditional method of transferring funds between my GTB accounts. Too bad.
Nigeria we hail the indeed. 😳
My case is worse cause I am not resident in Nigeria at this time. I would have to be in Nigeria, before I can access my funds. Why must we put ourselves through all these?
There are ways to reduce fraud. Disabling your customers from transferring money online is not one of those means. 😡
How to reduce Internet Banking Fraud
Two days ago, I did a blog post titled “Woes of a Nigerian Internet Banking Customer” with a promise to do a follow-up post, offering suggestions. Well, this is it.
First, it is defeatist for a bank to cancel online funds transfer when it i…
I was really disappointed to see that the third party transfer has been disabled by GTB. At first i thought it was a mistake, until i had to confirm from the bank. This is disappointing and i hope GTB will try and do something to restore this back, as i am always happy anytime i have a transaction to consumate and the business partner has a GTB account. Having to leave my house/business to transfer funds is not the best and i have a lot of these transactions. I hope GTB will try and improve on their security so as to restore this facility back to their customers
GTB’s 3rd Party Transfer facility has been partially restored (for customers that had pre-registered transfer beneficiaries).
I called GTconnect and they assured that the service will be fully re-established in a few days time.
Some good news I presume.
You can’t really blame GTB for their decision, due to ignorance lots of Nigerians fall victim to phishing and the trend is growing at an alarming rate in Nigeria, before decisions like this are taken, banks seek opinion of security experts and then a decision is reached on their recommendation. To stop or reduce this trend proper planning is required because you will shocked at how creative attacker can be. If you run an IT company an you a faced with this kind of problem (where millions disappear daily) believe me you need time to for new strategies because sometimes the problem may also be internal.
@ Kayode, its been over a month now since you left that comment but 3rd Party Transfer is still disabled.
@ Yinka, This is not enough reason for them to have disabled online funds transfer for several months now. They really need to get their acts right! 😡
why is GTB master card not acceptable on the internet? pls i nd help.
Tunde Joseph, why not contact GTB directly?
Please, I need to know how a paypal account can operate in nigeria. some one pls help me
Its funny the amount of services available on the Internet Banking platform of most banks that you do no know about unless you experience someone using same.
Anyways, I think GTB is doing a good job, but I can name a lot of improvements their service desperately requires.
Oladipo, you would have done well to suggest some of the improvements for GTBank here and now. Being a customer myself, I am interested in knowing what your suggestions are.
1. Configurable session timeouts. Imagine going to retrieve transaction code and your login timeouts. I understand the security requirement, but there are times I’ll like to session to last a bit longer. Even if you are working non stop, your session still times out, even if you do not login.
2. Ability to turn off notices. I have seen the token notice far too many times than I care to see again. If something is new there, I wont notice it. I’ll keep ignoring.
3. Reply from email. If I get sent a transaction code, I should be able to approve transfer directly from my email.
4. Disabling transaction codes as soon as they are used. Have you ever had to referesh the transaction code submit page? Sometimes the transaction is duplicated on the same transaction code. Sometimes, my connection just dies and I have to refresh.
5. That accordion menu on the left is plain terrible. Somebody change that NOW!
I couldn’t agree with you more Oladipupo.
1. Virgin Nigeria’s website allow me to extend my session every 10 minutes if I am taking too long with a task. GTBank’s own is too brief. I often just click around just to keep the session active.
2. You have no idea how pissed I am to see their SCAM ALERT notice all the time. I often by-pass it by going straight to the login page. As for the TOKEN page, I don’t allow it to load before click through it.
3. Hmn. You should be able to click straight from your email so long your session is still active.
4. I agree.
5. I sometimes get a javascript error from their menu. The error message even reveals the URL where they got that menu script from.
Bottom line, GTBank Internet Banking platform is very good but ranks low with looks and a few usability issues.
banks need to becareful of all this hacker boy that is my contribution
Friend im tired of be a nigeria because nothing seem to work internet banking is zero.now i will need help from you if i can get contact mail adress in usa and how to get credit card acount register
It’s not only Nigerian problem. If you are not born in EU, North America, Japan or Australia you are doomed to fight for survival. Maybe you may say I’m lucky, because I’m from Europe. But I’m from “problematic” part of Europe (as they used to say). I used to say to my friend from Nigeria: “We were born in a wrong country. It’s better to be homeless in USA or EU. You have a chance to live more descent life there.”
quite unfortunte as Nigeria is still far behind in regards to internet banking.
Mr. Ajao please does this mean that Nigerians can not buy online at will, with this problem that customers are having due to the lapses of banks?
This article was written in 2007. Things have since improved.
it is just too sad.Idont blame NIGERIANS.We are all part of the problem,If it was in Europe a lawsuit wuld have woken GTB up.
Imagine, I want access bank to create internet banking on my account, its over 5 weeks now, every time I call they promise to follow it up immediately, I have sent several mails to follow up but no result. To me all banks in Nigeria are dead. even the workers themselves are not happy with the work environment, so what do we expect to get from an unhappy staff….unhappy and bad service.