Scam emails have been circulating the Internet for sometime now, attempting to trick people into entering their bank account login details into a fake version of their financial institution’s website. This criminal activity is known in Internet security circles as Phishing. To drive-home the point, I am quoting Wikipedia‘s accurate description of Phishing:
In computing, phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. eBay, PayPal and online banks are common targets. Phishing is typically carried out by email or instant messaging, and often directs users to enter details at a website, although phone contact has also been used.
These scammers target e-gold, Moneybookers, Paypal, Graphcard and other online wallet users, with genuine-looking email with the aim of tricking them into giving-up their login details. Armed with these login details, they then log into the account and transfer the money out or use it for shopping online – effectively stealing the funds. They sometimes wreak further havoc by changing the login details thereby locking-out account the account owner, albeit pending how fast he/she can report to his/her financial institution.
Now, these scams are not new, nor are they peculiar to Nigeria. According to Wikipedia again:
[…]It is estimated that between May 2004 and May 2005, approximately 1.2 million computer users in the United States suffered losses caused by phishing, totaling approximately US$929 million. United States businesses lose an estimated US$2 billion per year as their clients become victims. In the United Kingdom losses from web banking fraud—mostly from phishing—almost doubled to £23.2m in 2005, from £12.2m in 2004, while 1 in 20 computer users claimed to have lost out to phishing in 2005.[…]
These scams have been gathering steam in Nigeria in recent years. This is as a result of the fact that more and more bank customers in Nigeria are now using Internet Banking. Even more people use their ATM cards to withdraw money from ATMs or pay for goods/services at Point-Of-Sale (POS) terminals or Internet websites. I blogged about Beware of fake Interswitch emails recently, highlighting the increase in phishing emails that are trying to scam Nigerian ATM/Debit card users.
The crux of the matter today is that, my bank in Nigeria, apparently overwhelmed by the high incidence of fraud, disabled Internet funds transfer this morning for all Internet Banking users. Need I go into the gross inconvenience this would cause me and other customers of the bank who are using Internet Banking? A call to their customer service department revealed that I had to report at my branch, to pick an Internet Banking form again. I told the customer service representative that I was not in Nigeria right now but she insisted I would have to do that whenever I am in Nigeria. Phew!
This bank didn’t even deem it fit to inform me via email about this latest development. I had to find-out myself when I needed to transfer some Naira online.
I completely disagree with this new move by the bank. Though Internet Banking fraud cannot be completely eradicated, it can be reduced to the barest minimum. There are ways and means to achieve this. My next blog post would highlight some of them.