The use of public and unsecured Wi-Fi by the use of Smart-phones, tablet and computer users are very risky. The risk is even greater when the use is for the purpose of assessing sensitive information. This is the warning that individuals have received from the Banking Ombudsman.
This warning by the Banking Ombudsman was released after an overseas transaction went wrong in the last month. The transaction was for a 6 figure sum to be deposited to a bank in New Zealand. This incident was very unfortunate and this money was stolen from the account the same month.
The theft happened due to the fact that there was a continued use of Wi-Fi by in transaction, and that the wireless connectivity was not secured properly. The other fact is that the banks failed to implement robust security in their transactions especially concerning the email that it sends which essentially contained instructions.
One Battell said that the account had been hacked by the fraudsters who managed to also hack into the emails; he also added that of the two email addresses, one related to the bank account and the other to the contract of employment.
By the fraudsters being able to acquire the email addresses, they were then in a position to pretend to be the customers. They then sent the bank detailed instructions to wire the money from the account. The bank, acting on these instructions, sent money to the fraudsters.
This is probably the reason why many banks refuse to accept the use of instructions issued via mail. This show that the risk associate with email addresses is high and the fact that emails can be hacked easily. Even though this risk is associated with emails, other banks accept the use of emails. They however use strict verification to confirm if the request to transact has been made by a genuine account holder. This may involve the bank reaching to the customer by making a call to the verified number provided by the customer. Sometimes to be sure the banks may go further to ask provided security questions; for example the name of a pet, a maiden name, the place of birth, date of birth, name of godmother or godfather etc.
According to the investigations that were conducted by the Banking Ombudsman on this occurrence, the bank was behind in security regulations unlike other industry players. The investigations also revealed that there was flaw in the employment contract such that the copy held by the bank had a conflicting signature.
According to the information provided by Battell, the banks should always uphold quality banking practices so as to ensure that the customers are protected. It is wise for many people to learn from this and avoid the risks associated with the use of email address to store crucial data as they can be hacked any time.
Fortunately for the couple, the bank has at last reimbursed the money that was stolen from that account. The bank was also forced to make payments on interests lost as a result of the fraud.