Thursday, 9 May 2019

Cybercrime: Over 17,600 Nigerian Bank Customers Lose N1.9Bn To e-Fraud in 2018

The monster of e-fraud long predicted in advanced economies is now here with us in Nigeria in full swing. The dominant force is driven by young people between 20 and 30 years. Here is the report. The Nigeria Electronic Fraud Forum (NeFF) has released its fraud report for 2018 which showed that over 17,600 bank customers lost N1.9 billion to fraudsters during the year. 

The report showed that the volume of fraud incidents rose by 55 percent to 38,852 in 2018 from 25,043 in 2017, while value of actual loss rose by 29 percent to N2.1 billion in 2018 from N1.63 billion in 2017. Electronic frauds however dominated, accounting for 89 percent of fraud incidents in 2018, with volume and actual loss value to fraud of 38,856 and N1.86 billion respectively.

The report also showed that a total of 17,632 bank customers were defrauded across electronic channels in 2018. In terms of age, 41 percent of the defrauded customers were above 40 years, while 57 percent were between 20 years and 39 years. 

In terms of location, 30 percent of the defrauded customers were based in Lagos state, while 6.07 percent and 5.8 percent were based in Rivers state and Oyo state respectively. On the other hand, the report indicated that 848 bank customers were beneficiaries of fraudulent transactions through electronic channels in 2018. 

In terms of age, 59.2 percent of the beneficiaries of fraudulent electronic transfers were individuals between 20 years and 29 years, followed by individuals between 30 and 39 years, with 24.7 percent. In terms of location, 31.6 percent of the beneficiaries were located in Lagos, followed by 6.49 percent and 6,01 percent in Rivers and Ogun states respectively. Meanwhile, NeFF has raised an alarm over increased fraud attacks on bank customers using mobile devises for transactions. 

According to the NeFF report, fraud losses through mobile channels rose sharply by 72 percent to N598.8 million in 2018 from N347.6 million in 2017. The report also showed that mobile channels accounted for the highest volume and actual loss to fraud during the year, accounting for 29.6 percent and 28.7 percent respectively. 

Speaking in this regard at the general meeting of the group in Lagos, Neff Chairman and Director, Payments System Management Department, CBN, Mr. Sam Okojere said: “Innovation savvy customers are increasingly opting for self-initiated banking solutions both online and offline, like mobile banking and USSD with a preference for full service Mobile Banking apps over cheques and other over-the-counter services; The more products channelled through those mobile devices, the more attractive they become to fraudsters. 

According to the NIBBS Fraud Report for 2018, the mobile channel scored 28.21 percent on the Fraud Interest Index (FII), this could be an early warning sign that fraudsters are shifting focus to mobile attacks and testing the waters in different types of mobile and online banking fraud in 2019.” 

Global perspective of the problem 

As far back as 2014, the evolution of the e-fraud monster has been predicted in the write up bellow: Current predictions show there will be five billion connected devices on planet earth this year, including smartphones and tablets, serving a billion online bank accounts and contributing to $13trillion in global e-commerce sales and related transactions. 

Nigeria’s endless cycle of undemocratic elections  

The potential opportunities presented to fraudsters are therefore huge. Evidenced of this has already been seen by the estimated 25 million unique strains of malware, resulting in an 80% annual increase in phishing attacks and the breach of 600 million customer information records. Apart from obvious at-risk ‘smart’ devices like phones, tablets, laptops and other PCs, everything from home routers, CCTV cameras, baby monitors, domestic heating and utility gadgets, thermostats, cloud-based data services, printers, firewalls and video-conferencing systems are also all potentially vulnerable. 

There’s already a sophisticated, interconnected, resourceful and growing army of digital fraudsters overseeing the theft, distribution and sale of personal information on an industrial scale. Therefore in developing any anti-fraud strategy, it is better to assume there’s a possibility customer data has already been compromised before any transaction takes place. 

Take the recent flap over Heartbleed. The software bug highlighted a critical flaw in software called Open SSL, which is supposed to make it much harder to steal data. Instead, suitably-informed hackers were able to exploit it by remotely prompting the server to hand over small chunks of the data it has just handled – in many cases disclosing log-in details, passwords, or other sensitive personal information. Since Heartbleed emerged in May 2014, additional fears have been raised over a possible computer hack by Russian criminals alleged to have targeted hundreds of thousands of computers worldwide with malware, enabling the theft of more than US$100million from business and personal bank accounts. 

Around the same time, genealogy website Ancestry.com – among several others – was intermittently knocked offline following a three-day bout of suspected DDoS (distributed denial of service) cyber-attacks, during which the site was overloaded with traffic and crashed. On this occasion no user information was compromised. From the recent examples, it’s clear that fraudsters are fast, inventive, adaptable and constantly testing for any potential vulnerability. Take the UK banking sector for instance, where more and more Brits are moving away from branches in favour of their mobile phones and tablets. 

According to the British Bankers’ Association, “we’ve now downloaded more than 12.4 million banking apps, while the number of transactions made using them has nearly doubled in a year, hitting 18.6 million per week by the end of 2013. Meanwhile, customers signed up to receive more than 450 million text messages such as balance alerts from their banks in 2013. Royal Bank of Scotland now claims 5.6 million online banking users, while HSBC says that 72% of all its interactions with customers are now carried over the phone on through the internet. While the relative ease and convenience of online banking is great for consumers, it demands constant vigilance from banks’ back-office teams tasked with fighting fraud across multiple channels. 

Protecting the keys to the kingdom fundamentally hinges on a layered security strategy underpinned by multiple checks form numerous data sets. Having the tools to fight the fraudsters, which includes device intelligence to block compromised card use, fraudulent enrolments, phishing attacks, hidden measures that assess suspicious activity and multi-set identity verification, will always be worth the investment. 

Consumers must also be vigilant to the threat of cyber-crime. Millions of consumers on both sides of the Atlantic regularly put themselves at risk of fraud through avoidable habits such as favouring repetitive online identities often based on a single e-mail address, username and password combination. 

Similarly, nearly one in four of the 50 million mobile device users in the UK do not password protect their devices, while only around one in three (37%) have the same passcode or PIN on all mobile devices with just half of those who do (43%) have passcodes/PINs shared them with family, friends or colleagues. Only one in six (17%) of mobile device users say they always accept security updates sent to their mobile device, such as OS updates. 

Just over a third (36.3%) say they rarely request support on security tips when using a mobile device. Irrespective of the convenience of mobile devices, last year it took an average of 444 days for consumers to discover they had become a victim of identity fraud. For individuals it’s always worth investing in web monitoring services which offer instant alerts if personal details get misused online

Culled from: Vanguard Newspaper

No comments: