Mostly, the world has shifted from what it used to be to take another dimension due to advent of technology. Technology, as powerful and useful as it is, is also a means of spreading illegality. In fact, many a criminal has taken advantage of it than some people in the corporate world. In this piece, we will peruse what is meant by online bank robbery. Those who are regular readers of my piece will understand that I’ve always emphasized the need to think like a thief in order to have a better understanding of their ways.
First, let’s start by discussing the ways in which people rob banks through the aid of the internet—remember that we are thinking like thieves in this context!
Phishing. If you can’t rob a bank directly, go after its customers. These days most of us know not to open suspicious emails claiming to be from their bank, but people do still fall for such phishing attempt, inadvertently handing over their passwords to crooks by logging in to fake websites. Many banks now issue physical tokens that provide secondary authentication designed to foil these attacks, but not all do (Aron, 2013). Yes, that is what an average online robber does; no method is too archaic for them because they believe there are some people that will still fall for their scam.
Cloning of cards. Credit and debit cards are often targeted by criminals, either by stealing individual cards or modifying ATMs to record card details and PINs. The account details are copied on to blank cards and then used to withdraw money or buy goods to sell on. Many countries use a chip and PIN system to prevent this, so criminals have got into the habit of taking cloned cards to the nations where the system is not yet in widespread use. Some take this even further. In 2013, eight people were arrested in New York for cloning cards and hacking bank systems to raise each card’s account limit, before withdrawing nearly $45 million from ATMs around the world (Aron, 2013).
Distraction with a DDoS. Bank robbers can knock out CCTV and disable alarms before they break into the bank. The electronic equivalent is a distributed denial-of-service attack (DDoS), in which large volumes of network traffic hammer a bank’s systems, giving criminals the cover they need. “While the bank’s IT staff is scrambling to keep its servers online and running, criminals are transferring money from users’ accounts,” says Kolsek. In 2012, the FBI warned that criminals could get their hands on millions using software costing just $200 (Aron, 2013).
Now that we have learnt some of the major ways in which criminals perpetrate their heinous acts online, let’s think of the way out.
Learn the act of using good password security. Some business owners understand that a strong banking password is a critical first line of defense. Others just don’t get the message. In fact, an alarming number of online passwords still consist of common, easy-to-guess phrases. If your favorite password is “123456,” consider this your wake-up call: You’re courting disaster with such a weak password. Instead, use a strong password that combines lower- and uppercase letters, numbers, and (if possible) non-alphanumeric characters. Just as important: Don’t use your online banking password anywhere else — ever. And don’t store an unencrypted password on a computer or anywhere else an outsider might access it. Instead, consider using password-management software that simplifies the task of creating and saving strong passwords (All Business, 2019).
Take cognizance of phishing scam. Phishing — the practice of tricking people into giving up their bank-account login credentials or other sensitive data — is a common tactic among scammers. A typical phishing scam might involve an email, apparently from your bank, that asks you to click on a link, log in, and “update” your profile. Follow that link, and you’ll see a website that looks and works just like your bank’s site. But it’s really a clever fake. When you enter your login credentials, the attacker will capture that data and access your account. Beware of any email asking you to provide or update your banking information. Never, ever, follow an email link to log in to a financial-services website. Always type the URL directly into your browser window. And always look at your browser’s address window for confirmation that you’re logging in to a legitimate website. (Look at your browser’s documentation for more information on how to do this) (All Business, 2019).
Phishing takes place offline too. Some scammers use phone calls and personal interaction to squeeze information out of a target. This practice is referred to as “social engineering,” and famous hackers like Kevin Mitnick were notorious for gathering sensitive information by posing as co-workers, service technicians, or customers. These kinds of tactics can work even if your employees don’t give up vital information like logins and passwords. Instead, an attacker may piece together small bits of seemingly harmless information to draw valuable conclusions that could help him access your company’s computer systems, online accounts, or login information. Train your employees to recognize that a caller or visitor may not be whom they claim to be — and that giving out information to unknown and non-trusted sources is always a no-no (All Business, 2019).
Always update your defenses. If you use Windows PCs, antivirus software isn’t an option — it’s a requirement. It’s a bad idea even to connect a PC to the Internet if it lacks a working firewall and antimalware protection. These tools aren’t perfect, but they’re much better than having no protection at all. The debate over whether you need to use antimalware on a Mac or Linux system is a contentious one, and it’s true that very few malware attacks target these platforms today. On the other hand, it only takes one successful malware attack to compromise your system and expose your online banking login to an attacker. Sometimes, a little “insurance” can help you be safe instead of sorry. By the way, the same thing increasingly applies to mobile banking apps. Mobile malware may not be as common today as the desktop variety, but that is changing — quickly (All Business, 2019).
References
All Business (2019). 9 Ways To Avoid Online Bank Robbery. Retrieved from https://www.allbusiness.com/slideshow/9-ways-to-avoid-online-bank-robbery-16694862-1.html/5
Aron, J (2013). Five Ways to Rob a Bank Using the Internet. Retrieved from https://www.newscientist.com/article/dn24324-five-ways-to-rob-a-bank-using-the-internet/
Somerville Bank (2019). Mobile Bank Heist: New Bank Robbers Target Your Phone. Retrieved from https://somervillebank.net/mobile-bank-heist-new-bank-robbers-target-your-phone/