By Clive Mphambela
Changes in technology have made our lives much easier, especially with respect to financial technologies. However, card based and internet based fraud is a continuing danger that can catch anyone unawares. Customers must understand that the security of their bank account is placed at great risk each time one purchases goods via the internet on insecure web sites using their debit or credit card credentials.
1. Do not follow links sent to you via e mail. You should never follow a banking link sent to you in a text message or e-mail. These links could potentially lead you to “spoofed” or fake Web-sites. Entering your information into such a site, usually means you will just have handed over your secret data to thieves. Good practice requires you to navigate to a Bank Web site directly by entering your bank's Web address into your phone and bookmarking it. This will help you avoid bogus Web sites. However, when you do this also make sure your passwords are not saved on the browser, in case your phone or device is stolen.
2. Avoid doing banking while on public networks. Many mobile devices allow you to connect to different types of networks, including open Wi-Fi networks. Always make sure you are not connected to a shared public network before logging onto your account. Most public connections are not very secure and some places that offer a public Wi-Fi hotspot will warn users not to share sensitive information over these networks. It is recommended to use your official bank’s Application Interface (APP) wherever possible. In general, these apps tend to be more secure than sending information by SMS message or e-mail. Most banks go to great lengths to make sure any information sent across a network using their App is encrypted to a high level.
3. Be careful of what you download. Be careful when downloading unknown apps. Take precautions when updating your banks app. Do a little research before you download that next widget or game onto your phone, ipad or laptop to make sure the app developer has a good reputation. Using stolen phones or “jailbroken” smartphones or using “sideloaded” software on your phone could leave your data exposed.
4. Keep track of your mobile device.
The reason why mobile banking is so popular is because mobile devices devices are easy to carry around everywhere we go. But this also poses a big risk if you lose it or if it gets stolen. They can contain everything from passwords to contact lists to your calendar appointments. Such information can be dangerous if your mobile device falls into the wrong hands.
If your device has a digital locking mechanism you should use it. Some devices require you to trace a pattern or insert a PIN. While it might slow you down to have to enter a PIN each time you want to use your phone, that layer of security might be enough to keep a thief from accessing your bank account before you can report your phone as missing.
Most phones can be traced when lost if you have activated a tracker on your phone.
5. Sign up for Mobile alerts
Mobile alerts enable the bank to notify you via SMS or short email message whenever a transaction has gone through your account. It is advisable to register and make use of Mobile banking alerts as they offer the following advantages:
· You know when transactions and direct deposits or withdrawals are posted to your account
· You know about changes to your account
· You know about irregular activity on your account as soon as it happens
· Internet Banking and Online Shopping Tips (E-commerce)
Be especially careful when transacting over the internet.
6. Secure passwords to your computer and mobile devices.
Be sure your computer and mobile devices are current with all operating systems and application software updates. Anti-virus and anti-spyware software should be installed, running, and receiving automatic updates. Ensure you use a strong and unique, which is not used for any other accounts. Set a timeout that requires authentication after a period of inactivity.
7. Use mobile applications with caution. As devices such as smartphones and tablets, continue to gain popularity for online shopping, so too will the volume of attacks against them. Malware could be downloaded onto the device from seemingly legitimate shopping apps that can steal card data and other sensitive information for transmission to cyber criminals. Update all apps when notified. Always disable your Bluetooth and Near Field Communications when not in use to reduce the risk of your data being intercepted by a nearby device.
8. Know your online merchants.
Limit online shopping to merchants you know and trust. Only go to sites by directly typing the URL in the address bar. If you are unsure about a merchant, check with the merchant if they are doing online payments.
9. Look for "https" before you click "Purchase."
Before you submit your online transaction, make sure that the webpage address begins with "https." The "s" stands for secure, and indicates that communication with the webpage is encrypted. A padlock or key icon in the browser's status bar is another indicator. Also, make sure your browser is current and up-to-date.
10. Do not respond to pop-ups. Don’t respond to pop ups offering instant riches whilst browsing the net. Whenever such pop ups occur, simply close them.
11. Do not use public computers or public wireless access for your online shopping. Public computers and Wi-Fi hotspots are potentially insecure. Criminals may be intercepting traffic on public wireless networks to steal card numbers and other sensitive information. Care should be taken that the settings on your computer or device prevent it from automatically connecting to Wi-Fi hotspots.
12. Be alert for potential charity donation scams and lottery scams.
Cyber criminals try to take advantage of people's generosity and can use fake charity requests as a means to gain access to your information or computer/device. Think before clicking on emails requesting donations. Don't give your financial or personal information over email or text. Be alert to scams where you are offered a prize for a bogus competition or lottery you never entered. Some criminals send bogus out emails telling you that your bank account details are due to be updated or your funds will be frozen etc. Responding to such emails will usually make you a victim of fraud. Never send your account information, credit or debit card details or passwords via text message or e-mail. These are common phishing scams. Don't fall for it!
Always sign out of your internet account.
When you’re finished using your Account, don’t close the browser window without signing out first. This will clear your browser’s cache and protect you from anyone signing in as you.
When you are not sure, just call your bank for advice.
Whenever you are unsure or suspicious, call your banker for advice. It could make a big difference between falling a victim and preserving your money.
Clive Mphambela is a Banker. He writes in his capacity as Advocacy Officer for the Bankers Association of Zimbabwe.
BAZ expressly invites stakeholders to give their valuable comments and feedback related to this article to him on clive@baz.org.zw or on numbers 04-744686, 0772206913