I remember in school I would collect stamps and stick them on a card and take it to the bank, which would then credit my passbook with the amount.
Better than sticking your coins in a piggy bank which might get grabbed and smashed by an elder sibling or needy adult.
Back in the day, bank interest rates were at least worth the sacrifice of locking up your funds. Around 6-7% in the early 1990s meant your money was working for you.
But as the interest rates kept sliding, one began to question putting money in a bank, just to get a miserly interest ranging from 0.1% to under 1% per annum. And the bank makes demands on minimum deposit amounts and tenure, and if you drop below that the penalties are swift and painful.
You might be better off keeping your money in a piggy bank or a biscuit tin.
So, as banks started losing their allure and relevance, they scrambled to switch things around, going high tech and making everything convenient, fast and mobile. And with the support of the system, they forced businesses to adopt this in the name of efficiency, technological progress and transparency.
The smart city wants everyone to be plugged in and pay without cash literally changing hands.
But as banks were quick to play catch up with technology and disruptions, obviously eying the possibility of chasing up their valuations and expanding their reach, they failed to look far enough ahead at the potential problems. While chasing the lucre, they forgot that their digital systems could be compromised.
The recent phishing scams and hacking that have been taking place were to be expected. Yet, they were allowed to take place.
And the writing had been on the wall for many years, according to Parvinder Walia, President for Asia Pacific and Japan at cyber security solutions provider, ESET.
“Cybercriminals have been employing social engineering attacks such as phishing to steal personal data for many years now. And, from as early as 2013, security vendors have predicted that scammers would increasingly turn to SMS phishing, also known as smishing,” he explains.
“SMS attacks have certain advantages which make it a preferred method for cybercriminals, given that SMSes do not contain a sender address for quick visual verification. So, cybercriminals today have been quick to leverage spoofing techniques, some options include changing the caller phone number and ID to mimic those of real organisations, or attach themselves to previous chat threads within legitimate correspondences to dupe unsuspecting victims into providing their log-in details. The latter was evident in the recent OCBC phishing scams.”
Having been bitten hard, and quite publicly, the authorities moved swiftly to react.
“The bid to remove clickable links in emails or SMS from banks by the authorities is a good step forward to protect customers from phishing scams. However, more needs to be done to educate users on social engineering attacks. Scammers’ tactics are growing more sophisticated, and constant education around cyber hygiene will play a critical role in preventing the occurrence of similar incidents,” Walia explains.
He adds that apart from scrutinising texts and emails, users should consider using a reputable multi-layered security software with anti-phishing protection.
“Based on ESET’s APAC Consumer Cybersecurity Survey, which was commissioned last year, only 23% of the 11,000 respondents surveyed in APAC have installed a mobile security app on their smartphones, showing that there is still a large gap when it comes to using the latest cybersecurity software to safeguard against phishing scams. The use of a mobile security app with an anti-phishing feature can also be useful in preventing social engineering attacks as they are able to block ‘fake’ websites designed to steal user credentials.
“As cyberattacks are likely to run increasingly rampant in the digital economy it’s only right that we update both our knowledge, the systems and software we use to protect ourselves against further damage. While banks play a critical role here, as technology users, customers must take appropriate steps to safeguard their assets as well as their data,” Walia adds.
As we continue this headlong rush into a brave new digital frontier, it would appear that our guard must be kept up at all times. What’s convenient for the end user could also prove to be easy pickings for the clever cybercriminal.