With current attempts by fraudsters to access people's bank accounts through text messages, emails, phone calls etc., it is important we are armed with the knowledge of the different ways our bank accounts can be hacked by these fraudsters. This will help us better discern their gimmicks, avoid their traps and keep our money safe.
TRUSTING SUSPICIOUS EMAILS, TEXT MESSAGES AND PHONE CALLS
In 2015, Babatunde Fatai, a young man arrested by the Oyo State Police command for various internet crimes including hacking into bank accounts of people in and outside Nigeria, revealed that to hack into bank accounts he would either go to dating sites to woo men and women into trusting him with their account details, or he would send fake emails to bank customers asking them to change their accounts and bank security details. Fatai will then use their 'old' security details to access their accounts and transfer their money to his online lovers, for these lovers to transfer back to him through another means.
You should be alert to suspicious emails, especially those that come with promotions from banks giving links you should click. Check the email ID or address and compare with the bank's official email to see if anything is off (that is, to see if it's an unofficial or copycat account). Most importantly, always call your bank to confirm any suspicious email before you reply.
TRUSTING SUSPICIOUS TEXT MESSAGES AND PHONE CALLS
As you should be careful with emails, so should you also be careful with text messages and phone calls.
Text messages about your account being blocked because of your BVN and instructing you to call another number to activate; phone calls from strange numbers (numbers different from your bank's customer care numbers) asking you to disclose your bank's details especially when you did not previously log a complaint with your bank about any issue related to what is being asked of you, amongst many others, should all be confirmed before responding to them.
Use your bank's helpline and if you can, go to a nearest bank branch to confirm. The cost of not confirming is most times far more than the cost of confirming. Don't be quick to share sensitive bank details through any means, no matter how genuine it seems.
SOCIAL MEDIA PROFILES
Some hackers get personal information such as your name, date of birth, email and phone number off your social media accounts. With this basic information, a sophisticated hacker can get past other options to change your pin and access your account.
If you use Internet Banking, it is advisable you edit your social media profiles, especially Facebook profiles. If you must leave your day and month of birth, delete your birth year, delete phone numbers you put there that are connected to your bank account and use ones that are not linked to your bank account. For your name, you don't have to put your full name, especially the one your bank recognizes, on your profile. Your first and last name, or simply a username or nickname is fine.
UNENCRYPTED WEBSITES
According to the Telegraph, you should never shop or log in to online banking when the web address does not begin with "https" or without a lock sign displayed on the address bar.
For an added layer of security, check the online banking security options your bank provides such as free antivirus and browser security software. Ensure that your computer is protected by "firewall" software. Also, browsers (especially Google Chrome and Mozilla Firefox) often come with built-in security features. Make sure they are activated.
WEAK PASSWORDS
Especially for those who use Internet Banking, weak passwords make it easy for hackers to crack your passcode and access your account. Strong and unique passwords that are long, random and made up of different cases, numbers, letters and symbols are the best.
CHEQUE BOOKS AND ACCOUNT NUMBERS
Afam Nriezedi, along with his syndicate members, was arrested in 2015 by detectives attached to the Special Anti-Robbery squad of the Lagos State Police Command for hacking into Nigerian banks with the assistance of bankers and domestic servants.
To hack bank accounts, someone (a domestic servant or relative from the house of the victim) will bring a leaf from the cheque book of the victim to them. The leaf most times isn't signed but contains the victim's account number. With the account number, details of the victim's name, phone number, email, house and work address including the victim's account balance can be gotten, once they contact an insider in the bank they need the information from. Getting the insider usually isn't easy but because it is a syndicate, it's all about the effort and teamwork.
Their next step is to get a copy of the signature of the victim provided most times by the insider in the victim's home. The cheque is taken to Mushin where the signature is forged and the amount they intend to steal is written. Most times, they don't use e-banking to transfer the money but withdraw it upfront (usually using an amount that is possible to withdraw upfront). They never go the branch of their insider to do this.
It is important to be careful and restrict access to your cheque book. Also, don't be careless with your account numbers and emails, phone numbers and addresses linked to your account number. From time to time, check your cheque book to confirm there is no missing page. Also monitor text messages and emails sent to you by your bank to be sure transactions you did not authorize have not occurred.