Consumers and businesses urged to beware of latest fraud modus operandi of remote access scams
While people and businesses continue to scale the use of digital services in the new normal, cybercriminals also introduce new opportunistic scams.
Mark Achiampong, Head Commercial Banking at First National Bank explained that remote access scams are a new fraud modus operandi, which entails scammers posing as IT department representatives from telecoms providers and/or banks to trick victims into relinquishing control of their devices to steal money and/or sensitive information.
Mark Achiampong says, “Remote access software is becoming a very popular way for fraudsters to attempt to defraud consumers and businesses. With remote access scams, fraudsters will call to offer you help to ‘block a fraudulent transaction’ by downloading and installing ‘protective’ software on your devices. Once you download the remote access software, they’ll ask you to log into your personal online banking profile”.
Once you’ve logged in, your device will go blank, and shortly afterward you will start receiving OTPs to confirm transactions that you did not perform. The fraudster then reassures you that these are fraudulent transactions and request you to either approve or send them the OTPs for them to block the transactions. Meanwhile they are the perpetrator using the OTP to process the fraudulent transaction”.
Mark shares some key safety tips that business administrators should practice to protect themselves:
- Beware of strange calls : If someone calls you, claiming to be from your bank, and offers to help you install software on your PCs and systems to protect you, or asks you to call the bank to release a payment, please end the phone call immediately and contact your bank yourself or through your business banking relationship manager.
- Never share your OTP: First National Bank will never ask you to share your One-Time PIN (OTP) under any circumstances. An OTP cannot be used to reverse a transaction.
- Never approve Smart inContact requests for transactions you did not initiate: If you receive a Smart inContact for a transaction you did not initiate yourself do not select Approve – this will allow the money to be moved out of your account.
- Keep your information private: Never disclose sensitive information, such as your username, password, card, and PIN details to anyone – not even a bank official.
“Through our trusted digital platform, we continue to educate our customers against the latest fraud modus operandi and prevention methods. While we strive to have the very best security in place to protect our customers, it’s equally vital for people to work with financial institutions to keep themselves safe from fraud. We encourage our customers to use any of our banking interfaces (Online Banking Enterprise platform) to immediately report any suspicious transactions on their bank accounts,” concludes Mark.