Securing your Internet banking account against fraud
I was discussing Internet security with someone this morning and reflecting on the fact that although Phishing, 419 scams, identity theft and other Internet frauds are well reported, there are still a surprising number of uninformed and gullible people out there. If you are using a computer, staying aware of fraud is as basic a skill as knowing not to walk down dark alleys at night.
With criminal gangs deliberately targeting bank accounts and identities, entering information onto any Internet site must be done with caution. This is especially true if it pertains to any financial information, personal information or information about your company as this information can be used fraudulently.
When accessing sites where you need to give financial information, such as Internet banking or SARS, accessing the site by typing the address in the address bar is safest. Never follow a link from an email or other website. Publishing private information about yourself will open you to numerous types of attacks from criminals. Something that seems harmless such as Facebook, can also be accessible to criminals.
When accessing financial sites, ensure the site is secured by following the following tips;
- Rather type the address into the browser address bar, even if it is accessed by you regularly.
- If using a desktop shortcut or bookmark, ensure that you are on the correct site, and that the site is secured by following these tips -
- The site address will start with “https” and not “http”. and you see the VeriSign Lock. You can click on this padlock to verify the site “owners”.
- The site does not look or react differently than you are used to.
- Learn and remember the URL of the correct site and make double sure you are on the correct site when logging in.
- Do not open other websites while logged into Internet Banking; only have a single browser window open.
- When you complete your online banking tasks, log off and close the browser window.
- Never reply to email that:
- Requires you to enter personal information directly into the email or submit that information some other way.
- Threatens to close or suspend your account if you do not take immediate action by providing personal information.
- Solicits your participation in a survey where you are asked to enter personal information.
- States that your account has been compromised or that there has been third-party activity on your account, and requests you to enter or confirm your account information.
- Asks you to enter your user ID, password or account numbers into an email or non-secure web page.
- Asks you to confirm, verify, or refresh your account, credit card, or address information.
- Make sure that you install and regularly update the latest anti-virus software.
- Refrain from banking at public terminals like Internet Cafes.
- Only provide credit card details to reputable companies, and look for the lock and key icon and security certificates when shopping online.
- Change your PIN number and Password regularly. Make sure you have activated a verification system on your bank account that sends a warning SMS when you log in and perform transactions.
Criminals rely on you to accept that they are legitimate. This is called “Social Engineering”. To steal your money or identity, fraudsters rely on you furnishing them with confidential information that you would not otherwise give out. When you are being pressured to do this, rather be safe than sorry. Don’t let threats or other fear tactics overcome your objections.
A few weeks back my wife received a call on her cellular phone for me. The caller asked me to confirm my identity by giving my birth date. I refused and asked what it was about. The caller said he would tell me to if I confirmed my birth date. I put the phone down.
