Cyber Crime: Are your online banking transactions safe? 0 292

online banking cyber crime

Checking your account balance, paying bills and managing your finances… Nowadays, it is pretty normal to do all those things online…. But are you sure you do them in the most secure way?

Presently, cybersecurity or (insecurity) in Kenya is the single biggest threat to business in terms of the consumption and use of Information Communication Technologies (ICT).

Unfortunately, innovation has meant that hacking tools are now cheaper and simpler to use in marking out vulnerable targets. Serianu Limited, the publishers of the Kenya Cyber security report, notes that Kenyan companies lost over Kes 15 billion in 2015 through Cybercrime. On top of this pile of victim losses sits the public sector at Kes 5 billion, followed by the financial services sector at Kes 4 billion. Sadly, this scenario is not unique to Kenya, cybercrime has been on a steady rise globally. Another study by consulting house PwC, notes that the number of cyber security incidents across all industries grew by 38% in 2015 and which is the biggest increase in the 12 years since the global study was first published.Over the recent months we have seen a rise in cases of cyber-attacks such as ransomware and data leakage, some which have even gone undetected. One such incident that went viral on regional social media circles involved a leading Kenyan bank. A hacker was supposedly able to access through a data systems breach, more than 500,000 customers’ details, including names and phone numbers and which were then plastered on various online platforms.

No doubt the mobile phone is the universal communication device of choice for many. The Communications Authority of Kenya notes that we have 39 million mobile phone subscribers in Kenya, 22 million who access and are constantly on the internet. A huge proportion of this fraction estimated at about 95% doesn’t have mobile security in place. This could very well mean that the smartphone is the single largest cybersecurity weakness we have today. With the advent of the Bring-Your-Own-Device (BYOD) culture, this could be true for both the individual and corporate users. This is a huge vulnerability gap considering that online and mobile transactions have become the most convenient ways of banking in Kenya through USSD short codes and Mobile banking apps.

Whereas banks may have invested heavily in ICT security systems, most Kenyans remain grossly unaware of the various cybersecurity threats that exist. Some of these include keylogging, Man-in-the-middle, Phishing and even ransomware attacks.

So how can you the consumer of online banking services ensure that you are not a vulnerable and easy target for hackers?

Teddy Njoroge, Country Manager for ICT security solutions company, ESET East Africa, says the first step would be for ICT professionals to obtain latest training on the prevalent risks in the market. Consumers, he adds would do much better for themselves by being proactive about their online security by keeping up with common cybersecurity threat solutions.

“These could be specific to the type of devices or platforms on which you access your online banking services. However, the important thing is to be aware of the potential risks and how to mitigate these in real-time, since it is very possible to detect unwanted intrusions such as phishing and ransomware scams”, says Njoroge.

Safer Online Banking principles

According to Njoroge, some key principles of safer online banking and payments to consider include using trustworthy devices and internet connections, while keeping the operating systems and software up-to-date. Not every internet connection such as public Wi-Fi at the coffee shop or a random network at any office is secure to be used for online banking or making payments. It is advisable instead to use a virtual private network (VPN) to keep your communications encrypted (unreadable) to anyone who may try to intercept them.

Whenever you connect to your online account, use your own computer, tablet or smartphone as it is more likely to notice if any suspicious activity is going. Avoid using a borrowed or public device that might put your data, account or savings at risk”, says Njoroge.

But having a strong password is perhaps the first step in proactively securing your device and online banking access. One easy technique in developing a strong but simple password regime is ‘pass phrasing’ which simply means using a sequence of words or other text to control access to a computer system, program or data. However, it is doubly important never to reuse your password e.g. for your bank, social media and other accounts which can mean a total hack into each account in case it leaks from any one of them. To manage these, one can use a password manager that will store all of them and allow you to remember just one master password.

Similarly, to enjoy the internet and maximize protection while connecting to an online banking account, one should install a trusted security solution on their devices. This will preferably be a reliable, multilayered and updated security solution. For example, ESET Smart Security offers protection from multiple types of malware as well as malicious tricks that might be disguised as harmless emails or websites. Cybercriminals will try anything to access your sensitive data. They will pretend to be your banker, pose as an innocuous notification in your email, or ask you to change the password via a link added to that email you just received. If you get any message asking you to change your banking credentials or click on a link, contact your bank and verify this immediately.

“If your bank offers two-factor authentication (2FA) for your online account, use it. This way the bank can double check if it is you connecting or making a transaction by using something only you have – such as your personal smartphone”, advises Njoroge.

For those who check their online banking account less frequently, it is advisable to set up alerts and notifications to your phone. Having information about all the current transactions makes it easier to recognize any suspicious activity. When not using your online banking platform, ensure to log out every time to avoid ‘man in the middle’ type of attacks.

Courtesy: http://techtrendske.co.ke

Previous ArticleNext Article

Ransomware Protection Crucial to Enterprise 0 303

Ransomware

Ransomware is by far the biggest threat among Enterprises.  So what is Ransomware? It is a malicious code that blocks or encrypts the contents of a device and demands a ransom to restore access to the data.

According to research done by ESET,  Companies named ransomware their number one concern.

In response to customer needs and concerns, ESET integrated Ransomware Shield into its security solutions. ESET has long been providing its customers with very good behavior-based malware detection and also with Host-based Intrusion Prevention System (HIPS) that allows users to set custom rules for the protection against ransomware. However, should something slip past the 11 other security layers, Ransomware Shield will be automatically activated.

While ransomware infection often starts with clicking a suspicious link or a fictitious invoice, ESET found that email remains the most common distribution method.

To combat these scenarios, enter ESET Dynamic Threat Defense (EDTD). EDTD provides another layer of security for ESET products like Mail Security and Endpoint products. It utilizes a cloud-based sandboxing technology and multiple machine learning models to detect new, never before seen type of threats. In result, attachments that were classified as malicious are stripped off the email and the recipient gets information about the detection.

To learn more about how ESET can protect your business, and to book a FREE in house Cybersecurity Training Session for your employees, please sign up below.

Free Training

Interview: Addressing the Six Biggest Cybersecurity Challenges for Enterprise 0 212

cybersecurity challenges enterprise
Ken Kimani, Channel Manager of ESET East Africa, introduces the 6 biggest cybersecurity challenges for enterprises

Enterprises are under constant attack from cybersecurity threats resulting in the loss of millions in revenue annually. Factors such as ransomware, targeted attacks, insufficient network visibility, various operating systems in an organization, bad security behaviour among office staff, lack of skilled cybersecurity workforce and the level of tolerance among staff are the major causes of cyber-attacks in the country.

To mitigate these issues, ESET East Africa offers free training, suitable for all skill levels to help educate enterprises on the importance of cybersecurity.

Subscribe to our newsletter to find out more about this training, our enterprise offering and to follow our series on the 6 Biggest Cybersecurity Challenges for Enterprises.