While people and businesses continue to scale the use of digital services in the new normal, cyber criminals also introduce new opportunistic scams. Remote access scams are a new fraud modus operandi, which entails scammers posing as IT department representatives from telecoms providers or banks to trick victims into relinquishing control of their devices to steal money or sensitive information.
“Remote access software is becoming a very popular way for fraudsters to attempt to defraud consumers and businesses,” says Giuseppe Virgillito, head of digital banking at FNB. “With remote access scams, fraudsters will call to offer you help to ‘block a fraudulent transaction’ by downloading and installing ‘protective’ software on your devices. Once you download the remote access software, they’ll ask you to log into your personal online banking profile.
“Once you’ve logged in, your device will go blank and, shortly afterwards, you will start receiving OTPs to confirm transactions that you did not perform. The fraudster then reassures you that these are fraudulent transactions and request you to either approve or send them the OTPs for them to block the transactions. Meanwhile they are the perpetrator using the OTP to process the fraudulent transaction ”
Virgillito offers these key safety tips that consumers should practice to protect themselves:
- Beware of strange calls: If someone calls you, claiming to be from your bank, and offers to help you install software on your PC to protect you, or asks you to call the bank to release a payment, please end the phone call immediately and contact the relevant fraud department yourself.
- Never share your OTP: FNB will never ask you to share your One-Time PIN (OTP) under any circumstances. An OTP cannot be used to reverse a transaction
- Never approve Smart inContact requests for transactions you did not initiate: If you receive a Smart inContact for a transaction you did not initiate yourself do not select Approve – this will allow the money to be moved out of your account.
- Keep your information private : Never disclose sensitive information, such as your username, password, card, and PIN details to anyone – not even a bank official.
“Through our trusted digital platform, we continue to educate our customers against the latest fraud modus operandi and prevention methods. While we strive to have the very best security in place to protect our customers, it’s equally vital for people to work with financial institutions to keep themselves safe from fraud. We encourage our customers to use any of our banking interfaces to immediately report any suspicious transactions on their bank accounts.”