Tighten social media security settings to avoid social engineering, SABRIC urges The South African Banking Risk Information Centre (SABRIC) has warned bank consumers to be wary of social engineers who trick bank customers into divulging personal information that they normally would not disclose.
Social engineering is a form of manipulation used by criminals to trick their victims into giving up confidential information like their confidential banking details.
Explaining why criminals use social engineering, SABRIC CEO, Kalyani Pillay said “Criminals use social engineering because they find it easier to exploit our trusting abilities than to try and compromise our information using other means.”
It is with this in mind that SABRIC urges bank customers to be very careful with what information they place on social media platforms. Criminals use all available information about their victim when they apply social engineering tactics as it helps lend some credibility to their communication. Once the victim’s trust is gained, it is more probable that the victim will disclose more information.
The more information that criminals collect, the more convincing their lie becomes which makes it easier for them to source the information necessary to defraud bank customers.
SABRIC also emphasized the importance of tightening security features on social media sites as to make it difficult for criminals to steal your information.
Whilst not aimed at extracting personal information from their victims, social engineering skills are also used in other scams to influence the victim to take actions that benefit the fraudster. Internet dating scams are very prevalent and a good example of how female victims are lured into paying large sums of money to “help” their new romantic interest only to discover that they have been scammed.
Below are some tips that bank customers are encouraged to utilise to avoid social engineering:
- Never provide personal information in response to an unsolicited request, whether it is over the phone or internet Never provide your password over the phone or in response to an internet request.
- Ensure that no one sees you entering your cell phone banking password on the phone
- Avoid giving away your verification details aloud in public.
- Do not transfer the line or hand over the phone to a third party after completing self-authentication as cellphone banking is only meant to be used by the account holder.
- Do not reply to suspicious texts or click on unverified links. If the SMS purports to be sent by your bank, please call the bank to verify the authenticity of the message.
- Do not log on to any suggested website in the SMS.
- Have different passwords for different accounts, sites and programs that may store sensitive information.
For media queries or interviews with the CEO:
Media and Communications Manager
Tel: +27 11 847 3134
Cell: 082 070 5349