The fight against electronic fraud has widened as the Nigeria electronic Fraud Forum (NeFF) welcome into its fold the Nigeria Deposit Insurance Corporation (NDIC) and the Association of Certified Fraud Examiners (ACFE).
NDIC provides cover for banking industry depositors’ fund, while ACFE is the world’s largest anti-fraud organisation and premier provider of anti-fraud training and education.
The NeFF Chairman and Director, Banking and Payments System, Central Bank of Nigeria, ‘Dipo Fatokun, said the coming of the two institutions was part of strategies to accommodate new and systemically important stakeholders in the fight against electronic fraud in the industry.
Fatokun, who disclosed these at the third general meeting of the group with the theme: “Exploring New Protective Measures Against Social Engineering Vulnerabilities”, said that social engineering has become rife in cybercrime attacks in Nigeria.
“Almost on a daily basis, a plethora of messages are sent by these criminals with the express intent to con the unsuspecting recipient using techniques that appeal to vanity, greed or authority. It is therefore, important that we look critically at measures that will protect the industry as a whole from the menace of social engineering attacks,” he said.
But in a report presented at the meeting by Zenith Bank, social engineering is the use of tricks and psychological manipulations by a fraudster to collect sensitive security information from unsuspecting users.
The sensitive information include passwords; bank account details; unauthorised access to corporate systems; credit/debit card details and Persoanl Identification Number; identity theft, among others.
In Nigeria, some of the emerging information security threats in banking include social media; phishing emails; physical access to details; shoulder surfing; clicking on applications that appears to be useful and legitimate software; stealing of important documents, among others.
Meanwhile, Fatokun hinted that soon, there would be a dedicated e-Payment and Card Crime Unit in the Nigeria Police, which will enable greater efforts in the quest to successfully investigate and bring to book through effective and efficient prosecution of cyber-criminals.
Besides, he noted that NeFF has planned a workshop on the Cybercrime Prohibition and Prevention Act, which will expand understanding of the impact, implications and responsibilities of all stakeholders, particularly those operating within the financial services sector.
For Sterling Bank, in the case of insider situations, the regulator and banks should encourage whistle blowing, even if anonymous, which would trigger investigations.
The bank in its presentation, also said that information sharing among banks must be sustained, while collaborations with telecommunications companies must be strengthened to avert time lag in notifications of transactions alerts.
To sustain the awareness, Fatokun however, said there would be consistent publication of literature that will benefit the entire payments industry and customers alike, through NeFF’s reports.
Fatokun said that cyber criminals are not relenting in their efforts to defraud banks, customers and other organizations of values, as the world over, not just Nigeria, has been inundated with various news on their latest “Distributed Denial of Service (DDoS)” attacks.
Already, the attack has hit Twitter, PayPal, CNN, The New York Times, among others.
“This goes to show that increasingly, attacks of this nature are becoming common-place and tactics used, more damaging to individuals and institutions alike,” he said.
Noting that the tripod on which Cybersecurity lies- people, processes and technology, are like links, he assured that NeFF would sustain consultations and collaborations to forge formidable link in the pursuit of Nigeria’s payments security.