SABRIC Warns Consumers to Beware of Phishing and Malware

Criminals want access to your online facilities to steal your money and will use any number of tactics to access your confidential information. This is a warning that has been issued by the South African Banking Risk Information Centre (SABRIC). Criminals use tactics like phishing and installing malware onto their victims’ computers in order to steal the personal information necessary to access their victims’ online banking profiles.

Criminals often use phishing to trick you into disclosing your personal information such as usernames, passwords, credit card details and mobile phone numbers. They sometimes also request your One Time Password (OTP) that will be sent to your mobile phone. They do this by sending emails that look like they come from trusted sources, such as banks or legitimate companies. These mails entice the recipient to respond by clicking on a hyperlink. When you click on the hyperlink, you will be diverted to a fraudulent website under the control of the criminal, and any information that you enter on this page, like your user name and passwords for your banking profiles and your cellphone numbers, will be sent to the criminals. The information harvested in this manner is then used by criminals to access your online banking profile illegally. Once they have viewed your profile and found that there is money to be accessed, they will commit fraud on your internet banking account.

In short, the modus operandi of these criminals includes the following:

  • Prior to launching the phishing attack, the criminals collect email addresses to which they send their spam phishing mails.
  • They also ensure that they have control over other bank accounts into which they can pay the proceeds of crime.
  • They arrange for a fraudulent website that resembles the real website of the company from whom the phishing mails purport to come, to be hosted on a vulnerable website and ensure that all communications received through this website are relayed to an email address under their control.
  • Once a victim responds to the phishing mail by clicking on the hyperlink and “logging in” to the website, the sensitive information is relayed to them.
  • Sometimes they use it immediately to access the victim’s profile and can cause an OTP to be sent to the victim’s mobile phone. The spoof website will then prompt the victim to submit the OTP. The criminal then uses the OTP to move funds fraudulently.
  • If they are not ready to use the compromised information immediately, they will save it for a later date and do a SIM swop to gain control over the victim’s communications when the OTP is generated during the fraudulent transaction.

To minimise the risk of the above occurring, consumers should take note of the following tips:

  • Do not click on links in unsolicited emails; delete such emails immediately.
  • Type in the URL for your bank in the internet browser if you need to access your bank’s webpage.
  • Never click on a link to take you to your bank’s website.
  • Keep your operating system and browser patches, anti-virus and anti-spy software up to date on your personal computer/laptop or cellphone as they include important security enhancements to help detect phishing sites and malware.
  • Should you realise that you have responded to a phishing mail, change your internet banking credentials immediately and advise your bank.
  • Register for SMS notifications so that you can be alerted in real time to any money moving from your bank account.

Clicking on an unsolicited link or icon could also result in a victim’s computer being infected with malware. Malware, which is an abbreviation for the term “malicious software”, is software designed and used to damage computers in order to gain access to sensitive information, or alternatively hack a computer. You could be tricked into infecting your computer with malware through clicking on a link or an attachment in an email as well as through accessing a fake website purporting to sell you software in order to fight malware. Criminals deploy malware designed to harvest banking credentials. These malicious programs relay the keys typed to the criminals, who then decipher the bank-related usernames and passwords. The compromised information is then used to access the victim’s online banking profile unlawfully and, should there be available funds, these will be removed.

Consumers should follow the tips below to protect themselves:

  • Ensure that the device you use for internet or mobile device banking has the latest version of antivirus and antispyware software installed from reputable vendors. Robust solutions should identify malware and prompt you to delete it.
  • Do not do your banking on public or unfamiliar computers found at libraries, cyber- or internet cafes and hotels.
  • Avoid using Wi-Fi hotspots, and ensure your own wireless network is encrypted before performing any banking transactions on your private computer.
  • Prevent illegal software from being downloaded on your computer by creating administrative rights.
  • Be suspicious if you receive lots of spam email or SMS messages. It could indicate that your computer or cellphone has been infected.
  • Beware of fake anti-virus software that is offered at no charge, as it could contain malware.
  • Do not use unknown devices, such as USB flash drives, on your system, as they may transfer malware unknowingly.
  • Avoid downloading pirated software, as it may contain malware.

For interviews with the CEO or media queries:

Media and Communications Manager

Tel: +27 11 847 3134
Cell: 082 070 5349