Techzim

Zimbabwe and regional technology news and updates

advertisement
advertisement

RECHARGE

Nyaradzo logo

Banks need to pay back the money lost by account-holders to scammers & hackers

Bank cards, RTGS

Recently one of South Africa’s leading banks, FNB, lost an interesting suit involving about R2.9 million or about US$202 000 being siphoned out of a client’s bank account. The client who can only be described as technically challenged was duped using an online social engineering scheme, he gave the thieves his personal details which allowed them to steal the money through his account. FNB wanted the client to pay back the money. The courts denied their request.

An important case in today’s world

Banking isn’t what it used to be a decade ago. Back then, the only people you needed to be wary of were ATM card thieves who tried to guess your PIN and signatures. Most heists involved someone gaining physical access to your card. Now it’s different with apps, mobile banking and online banking, there are so many doors into your account.

While this is convenient it means you have so many doors and windows to secure in order to make sure your money and account are safe. The truth is your average day account holder lacks the tools and knowledge to protect themselves. Every other week I receive messages from helpless account holders desperately trying to get their money bank.

Banks just give you an account, ATM card and your passwords and leave you out in the cold with half-hearted that are not coordinated send out at sporadic intervals. I feel like most of them don’t have real earnest security and safety programs aimed at customers in order to bring them up to speed on what threats lie out there. I am not talking about some lazy PDF out there. I am talking about actually training each new user so that they are aware of the opportunities and threats they face regarding their accounts.

Blame the account holder strategy

In the FNB case here is what happened:

  • Godfrey Kgethile an unremarkable account holder whose account had a R5 000 (US$350) limit was told he had won a lottery by scammers online
  • He was using a computer in an internet cafe and he responded with his banking details and ID number to the scammers
  • Then a person with a “British accent” called him asking for his proof of residence and ID and he provided them.
  • Again he obliged since this all sounded harmless but imagine his suprise months later when he got a call from FNB demanding that he payback a loan of R2.9 million.
  • The account holder was unemployed and prior to that the bank had denied him a loan of R6 000 which he intended to boost his business.

FNB did what all banks do even here in Zimbabwe when stuff like this happens. Blame the account holder. They then even took the man to court asking that he pay the millions he had supposedly taken when it was clear it wasn’t him.

The bank was somehow making it out as his fault but what happened to him can happen to anyone. Anyone can be duped to give the sort of information he gave out. In fact, sometimes it’s even possible to get this data off the internet without even duping someone. After all, once information filters onto the internet it’s kind of hard to delete it.

Banks need to be accountable

I think it is the duty of banks to do more in order to combat hacks and thefts like this. For example, Zimbabwean banks should be made to pay back the money lost in card cloning schemes. This is because despite what you would think they are the ones to blame.

We all know magstripe cards are rubbish when it comes to security and yet here we have plenty of banks still giving out such cards. I even know a shameless local bank that takes 10 days to issue a magnetic strip card that comes with fancy embossing. In this day and age? Would be banks be doing this if the money stolen using cloned cards was coming out of their own pockets?

My grandmother doesn’t even know the importance of an OTP code. She was just handed a card after opening an account with a bank in Nyanga. All a thief needs to do is download an App, install it on their phone and politely ask her to give her that OTP over WhatsApp and its bye-bye pension money.

Not a long time ago I was contacted by an esteemed colleague who is in South Africa with a case that baffled me. It involved one of Zimbabwe’s leading banks. Each month my colleague’s relative would have their entire salary siphoned out of their account within minutes of landing in there. Each time it was a new account doing this and the money would go to one of those lite accounts you can open in minutes. The trail would go dead.

They had tried everything. Going to the bank, having their passwords reset. Getting a new phone. Getting a new card. Linking a new number to the account to no avail. Each time they go to the bank the staff is equally befuddled. They keep losing money because changing account details at work takes time.

Again if banks were made to pay for losses suffered by account holders they would be more vigilant and do better to educate their account holders. They would have skin in the game.


Quick NetOne, Econet, And Telecel Airtime Recharge

11 thoughts on “Banks need to pay back the money lost by account-holders to scammers & hackers

  1. In your friends case just change banks. I mean if you lose your pay twice a month that’s bad enough but 3 times. Why would you stay with the bank. The only reason to do that is if they owned the bank!
    Since that’s not the case just change banks!
    Being lazy about the time and effort required VERSUS losing all of their money
    The answer should be self evident.
    This is an intelligence test and they are failing hard.

    1. I read about this exact situation about 2 months back. This lady had her salary moved to an unknown account as soon as salaries were disbursed. She went to the bank & they didn’t offer anything helpful as they said they couldn’t track were it was going. At work, the finance & admin said it took time to change employees’ Banking details for salaries disbursements. She was contemplating quitting the job as this had been happening for the past 3 consecutive months

    1. (I think) the author has acknowledged this tip and actually uses the service, but sometimes circumstances get in the way i.e. writing articles on a phone while in transit. Now that I think of it, an actual review of Grammarly from someone using it on a pro/academic level under local conditions would be interesting. Gari, get on it!😂

      Ps. This scored a 98 on Grammarly. Nice👍🏼, but they want money to fix it🤣

  2. Especially ZB Bank dont ever bank there, its highly insecure – lost a lot of money and their Security Department is as lazy as f**k it doesn’t know what it is doing at all. Dont bank with ZB Bank

  3. My brother account was hacked…money was siphoned in SA…when we tried to block the card…there was non one to answer…stanchart…we fought it they had to return the money…if you can’t block the card and acknowledge that the call centre was down and the physical branch was closed …..they had no choice ..there is a law that protects consumers…up to a certain limit…this was used to win the case…don’t give up guys

  4. If banks always have to pay back money lost through hacks, the amount of these “hacks” would increase. What would stop a person from volunteering their card details to a hacker/cloner for a commission of the takings? They know fully well that the bank would compensate them, so long as they stick to their story of not knowing how the attacker got their details. Other would be hackers would also join the bandwagon, under the delusion of it being a victimless crime, as the victim would be reimbursed.

    Even in the absence of malice, there would be increased customer negligence as they technically the customers would have nothing to lose.

    There’s more to your friends story as RTGS dollars cannot have a dead end trail. Even if moved to a lite account, it has to be used or spent locally from there.

    The FNB case is unique and rare, but if the guy who thought he had won the lotto had lost his personal funds in his account, would you really blame the bank? If you do something stupid, the bank shouldn’t have to pay for that. I can bet that the guy didn’t even play any lotto, but was happy to win one.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.