– Absa Bank’s customer identified as Winnie claimed over KSh 600,000 was siphoned from her account on Monday, May 11 2020
– Absa Bank however, disputed the amount saying she exaggerated the amount and the lender would pay back KSh 80,000 that was withdrawn
Cyber attacks on banks happen all too frequently. Thankfully, most banks are well protected against hackers, and the threat of a cyber attack shouldn’t deter you from using a financial institution. But with the recent rebranding of Barclays Bank to Absa, hackers are having a field day due to the confusion that comes with transitioning. A time like this is when bank employees collaborate with hackers to intrude into customers bank accounts and rob them of their hard-earned money. Similar fraudulent cases within Absa Bank has been reported Southern African Countries and the latest easy target being Kenya.
In a more recent incident, a woman, who identified herself as Winnie, said her account was illegally accessed on May 11, 2020, at night.
“On 11th I was working the night shift. I passed by a fuel station at Kasarani where I swiped my card for Sh1,000,” said the Absa customer.
While at work, she said that she received a message notification from Absa Bank Kenya that Sh0 had been debited in her account. About the message minute, she received another notification that Sh109 had been debited but was immediately debited back.
“We dialed (with a colleague) the customer care but at the same time, another debit of Sh265,000 was made in her account,” she claimed.
The woman said that the customer care person she contacted did not block her card but instead transferred her to the fraud team.
“By the time the fraud team was getting back to me, a transaction of three phases had been made, a total amount of Sh600,000 had been debited from the account,” said the woman.
She said that the fraud team assured her that they had started investigations on May 12, and that they would get back her money.
However, our insider at the bank said that the amount the woman quoted was exaggerated but they would refund the Sh80,000 that was taken from her account.
Who’s to blame for hacked ABSA Accounts?
Such similar incidences have been reported in Zambia and in every case, ABSA said the victims were to blame, reason being was that they fell for phishing attacks which exposed their online banking details. Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers online. Although, many of the ABSA online banking clients that were robbed disputed the fact that they had fallen for such scams.
How criminals steal money from your account
While methods used to steal your banking details may differ, the process followed by cyber hackers to steal money from online banking users in SA is nearly always the same:
- The hacker gets your Internet banking details, mainly through a phishing attack.
- The Hacker gets a bank account/s to which money can be transferred to and later withdrawn.
- The Hacker clones your SIM card.
- And then the Hacker creates beneficiaries (using the list of bank accounts) and transfers money to those beneficiaries.
- The hacker then withdraws the money from the accounts.
Signs your bank account has been hacked
Keep a close eye on these warning signs that your account could be compromised:
- Strange purchases. Seeing activity that’s out of the ordinary may be the first clue that a hacker has infiltrated your account. Watch for transactions made in locations where you haven’t been.
- Unfamiliar transactions. Sometimes you’ll notice small yet unfamiliar purchases. Thieves often do that to test if your card will work before making larger ones.
- Blocked login. If a hacker accesses your account from an unfamiliar location or tries your password too many times, your account may block you from logging in.
- Phone call from your bank. If your account is compromised, your bank may call to notify you of the recent breach. However, it’s essential that you don’t provide the caller with any personal information.
- Closed or emptied account. In more extreme cases, you may find that your bank account has been emptied or closed altogether.
- Denied card. If your account is compromised, your account could be emptied or your card could be frozen by your bank, leading to denied transactions.
Depending on your bank, it will notify you of suspicious activity and automatically cancel fraudulent charges and issue you a new card.
What to do if your bank account is hacked
If you believe your account has been hacked, there are a few important steps you should take:
View and verify account activity. First, go through your account activity to confirm any fraudulent charges. Some legitimate transactions may seem fraudulent if the company does business under a different name.
Call your bank. Once you’ve confirmed that your account has been hacked, call your bank to report the fraud. They can help you solve the issue and possibly return funds to your account.
Freeze your account. If possible, freeze your bank account online, on the app or by speaking with customer service.
Change your pins and passwords. Change your bank account pin to something entirely different and secure. Also, consider changing the passwords to your online banking account, email and other online accounts — and try not to use the same password.
Check your credit history. If your bank account is hacked, it’s possible that the hacker tried to open a credit card in your name. Speak with your bank to find out if they can check your credit history for free.
File a police report. Finally, consider filing a police report. It’s unlikely that you’ll have any information on the person who hacked you, but reports from multiple victims could increase the chances of the thief being caught.
What to do if you don’t agree with your bank’s fraud resolution
In most cases, you won’t be liable for funds lost due to hacking and fraud. However, if you don’t agree with your bank’s fraud resolution, here’s what you can do:
- Keep a record of all communications with your bank
- Speak with the fraud department directly
- Escalate your case to a manager or supervisor
- File a complaint with the Consumer Federation of Kenya or Kenya Bankers Association (KBA
- If all else fails, you can consider taking legal action
Types of bank account hacking and fraud
Knowing the weak spots that hackers look for and the tricks they use can go a long way in protecting you from cyber theft:
- Weak passwords. Using simple, easy to guess passwords can put your accounts at risk.
- Fraudulent texts and phone calls. Beware of any emails or phone calls from numbers claiming to be your bank. They might just be looking to steal your information to access your account.
- Phishing links. Watch out for unfamiliar links in emails or while browsing online. While they might look legitimate, these links and websites are designed to look official to trick you into entering your information.
- Malware. This type of virus can be picked up from sketchy websites and emails, infecting your computer and possibly intercepting your information and passwords.
- Leaks. Websites and banks affected by security breaches can allow unauthorized people to access your info. It’s essential that you use different passwords for all of your online accounts. Otherwise, a breach on one website could affect all of your online accounts.
- Public Wi-Fi. Avoid logging into your bank account on public Wi-Fi, as hackers could use the public connection to intercept your information and access your accounts.
- Social engineering. Some hackers will go the extra mile to access your information by calling your bank and impersonating you. And since most banks will use your personal information to verify your identity, it’s important to not give your personal information to strangers.
- Card scanners. These devices — when placed over an existing, legitimate card scanner — will take a picture of your card and could record your pin. When using an ATM in an unfamiliar location, wiggle the card socket to check for a fraudulent card scanner.
How to prevent bank account hacking
Stay safe online
- Check for site security. Most legitimate sites will have privacy and security terms that you can review. Secure URLs start with https — not http.
- Avoid public networks for banking. That means no quick peeks at your finances while you’re out shopping or working. Using public networks can compromise your personal security and put your information at risk.
- Don’t give your contact info to strangers. Confirm who’s calling or writing first before providing any information.
- Run antivirus and anti-malware software. Doing so could prevent computer viruses and the loss of your information.
- Beware of spam. Email software is effective at getting rid of spam most of the time. However, hackers design sites that mimic bank websites, so random emails that ask you to go to the bank’s website to confirm your information are most likely a scam.
Use strong passwords
- Don’t use the same passwords. Avoid using the same passwords for multiple online accounts. Otherwise, a security breach on one website could compromise all of your accounts.
- Keep your passwords and pins safe. That means not giving them out to anyone, including family, friends or anyone soliciting them over email. Also, try not to write them down.
- Strong security questions. The answers to your security questions won’t be verified, so you can choose any answer you’d like. Consider making the questions difficult or the answers harder to guess.
- Two-factor authentication. If possible, sign up for two-factor authentication. This security measure will require you to confirm your identity with your phone or email, decreasing the chances of unauthorized access.
- Use more characters — and symbols — in your password. The more characters in your password, the better. A mix of random letters, numbers and special characters will take much longer to crack than a simple word or series of numbers.
- Report suspicious activity. Report any suspicious people or unverifiable companies soliciting your banking information. You may also want to contact your bank.
- Double-check your transactions. Look over your statements for any fraudulent purchases and report anything suspicious right away.
- Keep an eye on your credit history. If someone gets access to your bank account, they could sign up for credit cards and other financial products that would affect your credit. Check your credit history if you think your account is at risk.
- Sign up for text alerts. Apps and text alerts can send you a notification whenever your debit card is used. This can help you track spending and immediately know where and when your card is used.
As stressful as having your bank account hacked may be, there’s a chance you could get your money back if you act fast. Banks are generally responsible for any charges due to cybersecurity breaches, but you should still always be prepared.
There are a number of things you can do to reduce the chances of your bank account being hacked, and choosing the right bank is one of them. Compare to find a bank and account that meet your needs.