Cybercriminals prey on banks via EFTs

Despite Namibian banks being singled out as top targets for cybercriminals, a Bank of Namibia (BoN) Fraud Report for the third quarter of 2015 recorded only one fraud case involving an amount of N$303,000 via Electronic Fund Transfer (EFT). However, this is a substantial increase in comparison to the third quarter of 2014, when fraud relating to cybercrime of N$170,000 was recorded.
This is according to the BoN Director: Strategic Communications and Financial Sector Development, Ndangi Katoma in response to questions posed by the Economist following a report that was conducted by a South African firm. Their investigation revealed that Namibia, in terms of malware was the country most targeted by cybercriminals during December 2015, after being second most attacked in November.
According to Katoma, with the focus on Electronic Fund Transfer (EFT), he said, “these EFT fraud losses are attributed to Online Banking Fraud (Phishing), a method of deceitfully obtaining personal information such as passwords, identity numbers and credit card details, by sending e-mails that look like they come from trusted sources, such as banks or legitimate companies.”
“It is important to take note that the figures only refer to fraud via EFT and applicable channels (i.e. mobile banking, internet banking etc.) within the national payment system for the respective quarters under review at the time,” he added.
In questions pertaining to forms of insurance for commercial banks against cybercrime, Katoma said that the banking institutions are required by law to have insurance cover against losses incurred by banks or customers of banks.
“Such losses could be a result of negligence, dishonesty, fraud and other related economic crime actions of officers of banks,” he said. According to Katoma, this type of insurance however does not cover specific economic crimes or fraudulent acts where banks could suffer losses.
Katoma said that currently the Bank of Namibia is not a position to reveal the extent of cyber activities in the country in general. However, he said that activities relating to cybercrime and computer related financial crimes reported by banks in the fraud and economic crime statistics reports, had been insignificant as at end of December 2015, in the view of the central bank.
Meanwhile, in the report conducted by the South African firm on malware where Namibia topped the rankings, several other African countries appear among the top 20 most-attacked nations out of 142 surveyed. These include Malawi (6), Cameroon (8), Tunisia (11), Mauritius (12), Botswana (13) and Nigeria (17). Kenya appears at number 44 while South Africa dropped from 63rd position in November to 67th in December.