Banking, Column

Don’t get hooked by a Phishing scam

WINDHOEK, MAY 8 – There has been an increase in phishing attacks in the banking industry recently. Nedbank Namibia would like to alert its clients to this and request that they never access online banking through a link in an email or via SMS.

“Phishing is a fraud scam that takes place by email. A typical phishing attack occurs when a legitimate looking email, which appears to come from a bank or other financial institution, is sent to thousands of people requesting them to click on a link to update or verify their information,” says Gernot de Klerk, Head of Marketing and Communication at Nedbank Namibia.

The fraudsters often try to scare people into opening a phishing email by saying that ‘your account has been accessed’ or that ‘your account will be blocked’ or they entice people to click on links by saying that ‘you have had a large deposit made into your account’ or that ‘you need to install new software to protect yourself’.

De Klerk further explains when clients click on the link in the email, it directs them to a legitimate-looking website. When clients enter their personal details, account details, PIN and password on the fake website, the information is forwarded to the scam artists, who then accesses the bank accounts while clients are online, allowing fraudsters to pay funds into specially opened banking accounts to which they have access. These accounts are then cleared of the transferred funds within minutes.

Here are tips on how to be safe online:
• Don’t click on links in messages from unknown sources – Nedbank Namibia will never ask clients to log on to internet banking through an attachment or link in an email or SMS.
• Hover the mouse over any hyperlinks to see the actual URL and make sure it is the real thing. Long-pressing the hyperlink on the mobile device should also reveal the underlying hyperlink.
• Don’t respond to phishing emails – forward them to so Nedbank can have the phishing sites removed.
• Also, have the latest antivirus software and a robust firewall on all computers at all times.
• Clients should always read one-time password (OTP) messages carefully, if clients did not initiate the transaction they should report the incident to the bank immediately on +264 61 295 2222. Clients should never give anyone their one-time passwords (OTP).
• Should clients receive SMS notifications for a transaction that they did not perform, they should report it immediately by phoning +264 61 295 2222.
• If clients lose cellphone connectivity for some time for no apparent reason or receive an SMS for a SIM swap they did not request, they should contact their cellphone service provider urgently and inform Nedbank by calling +264 61 295 2222.
• Clients should scrutinise their bank statements frequently and notify Nedbank as soon as possible if there are any unfamiliar transactions.
• Don’t trust caller identity – fraudsters use number-masking software to make it look like the call is from Nedbank when it isn’t.
• Install Trusteer Rapport on your computer – it is online fraud protection software and free to all Nedbank clients.  – NDN Staffer