Online banking security and identity theft are the focus of material offered this week by the province's police services during Fraud Awareness Month.
Online banking is secure, but personal information and more specifically, online banking information, can be compromised when individual users do not take steps to assist in protecting themselves.
According to police, a typical online banking compromise goes as follows: You log into your online banking one morning and notice a money transfer to a payment card for $2,800.00. You know nothing about this transaction so you report it to your financial institution (FI). The FI starts an internal investigation and tell you that the money was transferred to the payment card and taken out in cash. You insist you did not authorize this transaction. The FI tells you to call the police. The police start an investigation and speak to security personnel at the FI. They are able to provide the IP address which accessed your account. Subsequent investigation reveals the Internet Service Provider (ISP) is located in eastern Canada. The investigator finds out the user is located in another country.
You turn your computer over to the police for analysis. This analysis reveals your computer is infected with a trojan/virus. This trojan is known as a "bot." This type of trojan is actually a key stroke logger. This means that every key you hit on your key board is being recorded. The hackers download the information and looks for your 16 digit debit card number/user name. After that they know is your password and answers to security questions. This allows them to access your online banking.
People often wonder, "How did I download this (bot) on my computer?" It may have been as simple as accessing a non-secure website. If the address bar does not indicate https: or show a lock, it is not secure and some trojans have been uploaded this way. Some people have allowed remote access to their computer when they have received a call from someone offering to "fix" their computer. Others have clicked on links in emails or responded to pop up advertisements or emails asking for online banking information. Typically, these look like legitimate banking emails or sites. But, remember the bank will NEVER ask for your banking information by email. Also, if you do not bank with that FI DO NOT supply the information for the FI you bank with. What can you do to avoid this terrible situation? A few simple steps can protect you: First, use, update and run all the following individual software on a regular basis: malware, adaware, spyware protection and anti-virus software. These will protect you against Trojans, worms, spyware, adware and viruses and are available free on downloads.cnet.com. You will never be 100 per cent protected, but installing these types of software will give you about 98 per cent protection. Start with a full system scan and then at the very least, run a quick scan on a monthly basis.
Second, follow the guidelines set out by your financial institution. Some allow you to enter your 16 digit debit card number into your online banking and then check a box to remember this number. Use this feature! Once they ask your security questions there is a box you can check so they will not ask you your security questions when you use a certain computer. This is meant for a computer you would normally use to access your online banking, such as a home computer. Use this feature! This is not for a public access computer such as a library, hotel, etc.. Taking a few minutes to follow some of the security feature set up by your FI may save you some heart ache in the future.
If you are reading this article and have not done any of the above mentioned do not run to your computer and access your online banking unless you have all the software mentioned and used them. Instead install all the software, run a scan with each and removed the trojans/virus. Then access your online banking and follow your FI's instructions.
Remember your financial institution will never request personal information in an email or over the phone. If you are suspicious of an email contact your financial institution. If you are suspicious of a phone call, hang up and call your financial institution at a number you are certain is safe. Don't be so trustworthy of people soliciting information from you. You never know how it will be used.
Protect yourself. Don't be a victim.
Fraud Awareness is part of a national crime prevention campaign to increase Canadians' awareness of and knowledge about different types of fraud in order to help citizens to not become fraud victims. RCMP Saskatchewan's "F" Division Commercial Crime Section has offices in Regina and Saskatoon. Their role is to reduce the impact of economic crime on Canadians by maintaining the integrity of our economy through public education, crime prevention, and enforcement. To better educate yourself with this scam and others, please visit www.rcmp-grc.gc.ca/scams or www.antifraudcentre.ca
