Cybercrime – SPOTting the scammers…
Sadly, in recent years, we have become aware of several clients who have been scammed and in the process lost meaningful amounts of money. According to a report released earlier this year by Accenture consultancy – South Africa has the third most cybercrime victims worldwide – losing around R2.2 billion per annum! This despite the fact that South Africa ranks 25th in population numbers.
Apparently, South Africa is a hot topic among the shady characters that inhabit the “Dark Web” (the meeting place of organised cybercrime syndicates and the underground network of data miners and sellers). In this August month the country has experienced its biggest-ever data breach which exposed personal information of approximately 24 million South Africans and 793,749 business entities. As massive as the Experian data breach was – it is just one of the “known” four major data breaches in South Africa in the last year alone.
The common threads among affected clients has been
- phone calls ostensibly from one’s own bankers warning of a possible security breach and offering immediate help in rectifying;
- emails or text messages suggesting that your online banking access has, as a precaution, been suspended due to what may be fraudulent activity – and inviting you to reactivate your account by following the provided link;
- taking a link within one of those “warning” emails or messages [WhatsApp etc] about dangerous viruses circulating and offering to protect your device [phone/tablet / PC].
We tend to be so good about locking up our homes and cars – whether we are in or out of them. We spend money on boundary walls/fences [electric or razor wire], gate controls, video cameras, tracking devices, etc – but clearly don’t do enough to protect our personal information. However – our biggest problem when it comes to cybercrime is the personal data we are obliged to provide to our bankers and financial institutions that we transact with.
Banks were highly confidential custodians of our personal financial information [I know because my own career started 50 years ago in a Bank]. Back then important records were kept in physical files locked away in fireproof facilities … and Bank robbers stole cash not files! Computerisation and networking have caught the attention of Banks and opened up ever expanding opportunities for them to use our data for profit – with us often waiving our privacy rights in their terms of service. Experian is just one of the ways in which our Banks wash their client data through analytical tools designed to optimise marketing activities or assist them in evaluating the risk they carry in their customer base. When the data leaks it inevitably finds its way into criminal hands – so we really should not be surprised that the scammers know so much about us.
The scam phone calls seem fully authentic as the caller knows such a lot about you – perhaps your phone number, home address, ID number, even account or card number. What they don’t know they trick you into giving them – like asking you to answer security questions for ID numbers, mobile numbers etc.
The phishing emails take you to what looks exactly like your Bank’s online internet website where you would normally logon. You are tricked into typing your username and password / pin into the same authentic looking fields on the webpage.
Malware links within text messages, emails or even websites cause the most harm. This is because they can infect your device via a “Trojan Horse”. The link may offer you ways to scan and protect your device – so you willingly accept the offer – but what is really being installed on your device is a spyware program which feeds your personal data to the scammer. There are “keyloggers” that capture your keystrokes – especially passwords and/or pin numbers – and send them to the scammer. Or they simply “record” all your activity on your device, including your online banking activities. They may include Ransomware – a program which encrypts all the information on your computer and blocks your access to it. You have to pay them to be given an unlock code to restore your data to a readable format.
STOPping the scammers
The best advice we can give you is also the least pleasant for us to give. We have to encourage you NOT to be as trusting as we would all like to be – but rather to be “on guard” and circumspect when it comes to your personal information and the devices on which you store that information.
- If you receive a phone call which purports to come from your Bank’s card division or branch – ask them for the caller’s name and phone number so you can call back BEFORE giving any information. Check the number you are given against the official phone number given on your credit or debit card and if different – rather phone the official number and tell them about the call you had. Stress that you did not give ANY information to the scam caller.
- Simply ignore any text messages or emails like the ones mentioned above. If concerned, phone your Bank or Card Division on their official numbers and query the email or message with them.
- Never click on links within text messages or emails purporting to come from banks. Only install software from the official Google or Apple stores for mobile devices [not from links sent to you]. Only use recognised anti-virus or anti-spam programs contained within the operating systems of your devices [nowadays Microsoft Windows 10 provides excellent security – as do Android phones and tablets].
Oh … and please accept that Microsoft Windows does NOT have a call centre based in Pakistan or India or anywhere else for that matter which will phone and offer to help you fix a problem they have encountered on your computer. I also get those calls … and tend to have some fun playing the caller along … and when they twig they usually become abusive – dropping in some X-rated words before hanging up on me!
Take care – markets have recovered and Covid-19 is waning
Please take extra care of your financial safety by avoiding the scammers. Despite all the stress that avoiding Coronavirus and Scammers may spring on us … Spring itself has arrived with good news for investment portfolios both locally and offshore. As always – don’t hesitate to get in touch about your investments and any relevant changes to your circumstances.