Share

Banking: more 'phishing' attacks

Johannesburg - The SA Banking Risk Information Centre (Sabric) on Thursday warned of a rise "phishing" attacks.

"We are presently observing an unusual increase in phishing attacks across the industry and would like to warn bank clients to be extra vigilant," said Sabric chief executive officer Kalyani Pillay.

The worrying trend about the recent surge in phishing attacks is that the phished information is now being used by criminals quicker than in the past," she said.

The period between the compromising of banking customers' information and its use had narrowed.

"We also observe an unusual level of persistence accompanying the latest attacks. There are incidents where people are receiving the same phishing email daily," Pillay said.

"Phishing" involves criminals deceitfully obtaining bank clients' personal information such as passwords, identity numbers and credit card details by sending emails that look as if they have been sent by banks.

Typically, phishing emails were sent to millions of bank clients asking them to click on a link to access information purporting to be from the bank or to update their details, Sabric said.

Instead, they were directed to a fake website which appeared almost identical to the legitimate bank's website and were tricked into disclosing their personal information on bogus online forms on that site.

The criminals used the information to commit fraud.

The recent phishing attacks were made to resemble security alerts from banks' online or security divisions and required more detailed customer information.

"The current crop of spam requires customers to confirm information such as cellphone numbers and email details," said Pillay.

"This is done purely for purposes of intercepting customers' one-time-password (OTP)," she said.

They did this through cellphone SIM swaps or by asking bank customers to confirm their OTPs immediately after accessing the account with the phished information.

"Sabric advises bank clients to ignore any emails that require them to provide personal information, even if the emails look credible or seem to contain very useful information.

"Some of the spoof sites... contain what would appear, to unsuspecting eyes, to be crime awareness information on phishing."

Pillay said it only took a few successes to make the attacks a worthy and profitable undertaking for cyber criminals.

She said people who suspected they might have already responded to emails requesting their personal information should immediately notify their banking institutions.

- Sapa

We live in a world where facts and fiction get blurred
Who we choose to trust can have a profound impact on our lives. Join thousands of devoted South Africans who look to News24 to bring them news they can trust every day. As we celebrate 25 years, become a News24 subscriber as we strive to keep you informed, inspired and empowered.
Join News24 today
heading
description
username
Show Comments ()
Rand - Dollar
18.94
-0.2%
Rand - Pound
23.90
-0.0%
Rand - Euro
20.43
+0.2%
Rand - Aus dollar
12.34
+0.1%
Rand - Yen
0.13
-0.1%
Platinum
907.85
+1.2%
Palladium
1,012.25
+1.1%
Gold
2,219.28
+1.1%
Silver
24.85
+0.8%
Brent Crude
86.09
-0.2%
Top 40
68,346
+1.0%
All Share
74,536
+0.8%
Resource 10
57,251
+2.8%
Industrial 25
103,936
+0.6%
Financial 15
16,502
-0.1%
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot
Editorial feedback and complaints

Contact the public editor with feedback for our journalists, complaints, queries or suggestions about articles on News24.

LEARN MORE
Government tenders

Find public sector tender opportunities in South Africa here.

Government tenders
This portal provides access to information on all tenders made by all public sector organisations in all spheres of government.
Browse tenders