Do not use your Facebook login for your banking app

26 June 2018 - 15:38
By Thando Mpembe
Image: Dado Ruvic

Are you chilling on Facebook or Instagram oversharing with friends - and then logging into your online banking with the same profile? You may be saying ‘hi’ to a cybercriminal.

The South African Fraud Prevention Service wants us to become more savvy online‚ to avoid the risk of a real-life drama.

The organisation says some online users are increasingly aware and concerned about their digital security‚ while others are aware yet not at all concerned. In part‚ this is due to the trust in institutions such as banks.

“The better you understand online privacy and security concerns‚ the more effectively we can address online security individually and professionally. Companies may want to think about investing more heavily in IT and online security in this age of data abundance that increases both individual and corporate exposure‚” said the service’s Manie van Schalkwyk.

Monitoring your own digital transactions is important‚ even without the risk of cybercrime.

A 21-year old student from the University of Johannesburg‚ Nelisiwe Khumalo‚ told TimesLIVE that she found money was being taken from her bank account without her knowledge.

“There was a debit order that kept coming out of my account at the end of each month and I didn’t know until the amount became R300‚” she said.

Khumalo was oblivious to what was happening because usually banks do not send SMS notifications of transactions that are under R100. Now‚ she advises‚ it is best to have a banking app on your phone so you can check from time to time if anything suspicious is happening with your account.

But cybercrime is real.

According to the SA Banking Risk Information Centre (Sabric)‚ South Africa has the third highest number of cyber crime victims worldwide‚ losing about R2.2-billion a year to cyber attacks‚ emphasising the need for greater precautions to be taken.

Just last month‚ a SA comedian team reportedly lost R300‚000 in an email scam‚ where their banking details were changed and sent to clients‚ resulting in clients paying money into the wrong accounts. Most recently Liberty‚ a financial services company‚ suffered a cyber attack from hackers.

Sabric warns South African bank clients to be on the lookout for email phishing scams in particular. Phishing emails request that users click on a link in the email which then directs them to a parody website‚ designed to fool users into thinking that it is a legitimate attempt to obtain‚ verify or update contact details or other sensitive financial information.

“The spoofed website will look almost exactly like that of a legitimate or a well-known financial institution. Phishing emails‚ which are a form of spam emails‚ are typically sent in large numbers to consumer email accounts.” Sabric states on its website.

Maanda Tshifularo‚ head of Dialdirect Insurance‚ said individuals are also targeted with identity theft: where criminals obtain information about you to convince a bank or a customer service representative that they're you.

To limit your exposure to cybercrooks‚ here are Tshifularo’s handy tips:

  • Be extra cautious when using Wi-Fi hotspots. Some scammers falsify popular hotspots.
  • Don’t use your social media profiles to log in to other accounts.
  • To protect against identity theft‚ take care not to reveal too much about yourself on social media networks. 
  • Only use reputable online shopping sites. One thing you can do is look at the URL of the website. If it begins with “https” instead of “http” it means the site is secure. Also check with friends if they’ve heard of it or used it before.
  • Keep an eye on your monthly statements to identify unusual/unauthorised transactions or behaviours.