Know the most common types of bank fraud

International law states that any illegal act involving deception to obtain money from a financial institution or a bank's depositors is categorised as bank fraud. As criminals are continuously coming up with different ways to steal people’s hard-earned money, banking customers should take note of these: 

An Account Takeover (ATO) uses techniques such as phishing attacks when fraudsters obtain account credentials by sending a fake email or text message to customers that directs them to a fake bank login page. The scammers hijack an online account, often using stolen credentials. Once access is achieved, the attacker changes the password to lock out the actual account owner.

Social engineering refers to attacks appealing to emotions and fears. Fraudsters try to obtain information such as account passwords and personal identity numbers (PINs), which allows them to take over accounts. Even if there are no funds in the accounts, they monitor them until deposits are made before stealing, and the accountholders do not even know the fraudsters have access to the accounts.

Call centre fraud is when a hoaxer contacts an organisation’s call centre pretending to be a legitimate customer. They may then trick the call centre representative into giving them access to an account or performing malicious actions within an account.

Credit card fraud is typically the card-not-present (CNP) fraud when others make dishonest online purchases with your card. They do this by stealing a physical card or finding a lost card or card information. Someone may take a photo of your card without you knowing and use the information at their leisure.

Electronic funds transfer fraud (EFT) is when the scammer poses as a trusted individual, vendor, company, or family member and requests an EFT transfer, often tricking the victim emotionally by claiming it is an emergency. 

New account fraud’s tactic describes what occurs when a criminal opens an account to commit theft, often utilising stolen identities.

Cybersecurity fraud is when swindlers target unprotected software to gain access to data servers and steal customer information.

Credential stuffing means thieves manipulate sophisticated bots to test random credentials automatically. They use lists purchased on the dark web, trying different combinations until they gain access to an account.

Be vigilant
Since senior citizens are the most targeted customers, they must not trust anyone asking for their personal banking details, likes PINs. Customers should: monitor accounts regularly; obtain real-time account notifications; never put your phone off when asked to do so by a caller; call the bank immediately if something seems odd and shred anything with account numbers or personal financial information.



Bank Windhoek’s Forensic Services
Manager, Johnny Truter