Today’s criminal is a completely different breed.
Tech-savvy, sly, and immeasurably resourceful. He is able to adapt with ease to the forever-changing technological landscape, and use even the slightest weakness to his advantage. His tools are not crowbars and screwdrivers, but a mouse, keyboard and Internet connection. This newly-constructed reality has the distinct flavour of technological determinism: the branch of social science that has as its main tenet the belief that all human behavior and culture are influenced by innovations and developments in technology.
The impact that so-called ICTs (information and communications technologies) has made on our lives cannot be overstated, and developments such as Internet banking and apps have made long queues and frustrating face-to-face interactions things of the past. Brick and mortar are being replaced by ones and zeros, and no one is complaining. The Dutch media and communications academic Van Poecke draws a clear distinction between modern and postmodern society, positing that in the former technology was in service of man, while in the latter man is subordinate to technology. He underlines this position by stating that, while in modern society there was a clear dividing line between technology and culture, in a postmodern society such as ours technology is the culture.
But, with this dramatic shift in the overall consumer experience, come myriad new threats to security, privacy and the integrity of information. Not even the biggest, most powerful financial institutions are immune, as evidenced by a recent phishing scam that saw customers of a major South African bank losing hundreds of thousands of rands. The scam, which was perpetrated around March of last year, saw huge sums of money (up to R200 000, in one case) being transferred out of clients’ bank accounts and has led to significant backlash from those who feel that the bank acted negligently.
It’s become an all too familiar narrative. This year alone, the accounts of two of my colleagues (that I know of) have been pilfered by online attackers, leaving them with the unenviable task of trying to recover their money from their respective banks. In both instances, the victims had done absolutely nothing to compromise the security of their online banking profiles; the hackers were simply able to circumvent all the security measures that the financial institutions had in place.
Hackers and other online criminals have also become more creative with regard to their methods, and it is becoming increasingly difficult to distinguish genuine communications sent from real banks from fraudulent emails, SMSs and even phone calls aimed at stealing one’s personal information. These cyber-crooks and social engineers are continuously changing and innovating their modus operandi to be virtually undetectable.
Here are some tips for protecting your assets and personal details against cyber-attacks:
• Never, ever give your ATM PIN to anyone, even if they do claim to be from a (your) bank
• Never click on any links in emails from banks if you are not 100% certain that the communication is authentic. Rather phone your bank and request confirmation regarding the authenticity of the email
• Don’t give your Internet and cellphone banking passwords to anyone
• Regularly run anti-virus software to check for malicious software such as spyware on your computer
• If you suspect that your online security has been compromised, notify the bank and, if necessary, the police immediately
• If you regularly do online shopping, ensure that you only use reputable vendors that make use of secure payment gateways for monetary transactions
• Don’t respond to emails and/or SMSs claiming that you have won a prize unless you are certain that you have entered such a contest
• IMPORTANT: take time to read notices on your bank’s home page regarding the latest phishing scams. Don’t just click the x to close the dialogue and get on with your banking. Taking 5 minutes to read the warning could save you a lot of heartache and trouble