How the rise of data breaches affects your banking safety

Absa Bank has warned customers to be vigilant against attempts to have them hand over their card pin, One-Time PIN (OTP) or banking password online.

The bank said banking fraud is on the rise globally, with criminals using personal data from breaches to impersonate banks and trick customers into granting them access to their account.

"In South Africa, digital banking fraud cases increased by 64% over the past year; these impact the entire financial services industry," Absa said in a statement on Monday.

Data breaches fuel phishing (impersonation through emails, commonly containing hyperlinks used to get sensitive information from the customer), vishing (similar impersonation, but through phone calls) or smishing (similar impersonation through text messages).

Absa’s Head of Fraud Strategy, Ulrich Janse Van Rensburg, offered these safety tips:

•   don’t use public WIFI when banking;

•  check that the bank’s website browser begins with https;

•  create complicated passwords that are not easy to decipher, and change them often;

•  type in the URL (uniform resource locator) for your bank if you need to access the webpage.

 World Data Privacy Day  

Monday is World Data Privacy Day, which aims to highlight that millions of people worldwide are unaware of how their personal information is being used, collected or shared in an increasingly digital society.

Business leaders in the World Economic Forum's Global Risks Report 2019 listed a 'massive incident of data fraud and theft' as their fourth largest concern, after extreme weather changes, failure to mitigate for climate change and major natural disasters.

In South Africa, a massive data breach targeted Liberty Life in June 2018 and was considered the biggest hacking incident in the financial services sector in the country. The company maintained no clients suffered any financial losses and policies and investments were not at risk from the attack on its email server.

Lobby group the Rigt2Know campaign said International Data Privacy Day 2019 is a reminder that people’s private information is not yet protected in SA.

"Even though on paper we have the Protection of Personal Information Act of 2013 (the POPI Act), which would prevent our personal information being abused by private companies and government agencies. Five years after being signed, the law is still not in force," The Right2Know campaign said in a statement on Monday.

The lobby group questioned why the POPI Act is not yet in force and blamed this on the delay in ensuring the Information Regulator is operational

"Headed by Advocate Pansy Tlakula, the Information Regulator would have the mandate to enforce POPI and step in when companies or government agencies misuse our personal information. But it still does not have the staff, resources and systems to fulfil this mandate," The Right2Know campaign complained.

According to law firm Michalsons, the majority of the act will only commence at a later date, to be proclaimed by the president. As there is a one-year grace period for companies and entities to comply, the POPIA deadline might only be set for the end of 2019 or in 2020.

Brent Crude
All Share
Top 40
Financial 15
Industrial 25
Resource 10
All JSE data delayed by at least 15 minutes morningstar logo
Company Snapshot
Voting Booth
Please select an option Oops! Something went wrong, please try again later.
I'm not really directly affected
19% - 194 votes
I am taking a hit, but should be able to recover in the next year
26% - 268 votes
My finances have been devastated
29% - 294 votes
It's still too early to know what the full effect will be
26% - 260 votes