20 April 2023
Security tips
Keep your personal information out of criminal hands
Privacy is not a commodity to be bought and sold, but in an increasingly online world of clicks and data harvesting, privacy is increasingly becoming a privilege. Our advice is to carefully safeguard your privacy - along with your personal information.
Institutions like banks and financial services organisations, such as RMB Private Bank, focus considerable time and attention on protecting our clients' data and ensuring our systems are safe and robust. Not only do we ensure that regulations are strictly adhered to, but our experts continuously monitor new strategies and scams being used by hackers and cybercriminals.
Ettienne Fourie, Head of Fraud Risk Management, knows first-hand the tactics being deployed by fraudsters. He notes that they are becoming more sophisticated, and the majority of frauds are committed when people inadvertently open the door to sharing vital details about themselves online or with criminals skilled at extracting information.
A particularly important point to remember at the moment, says Fourie, is to never save your banking passwords to your internet browser, mobile phone or in the cloud. While it is tempting and convenient to store your passwords on your computer or device, it is best to avoid exposing your personal information - particularly when it comes to banking and other sensitive information.
Even if you think that you have never stored your password on your computer or device, your settings might actually allow an internet browser like Google Chrome to automatically do so. If in doubt, open Settings and go to Passwords in the browser or, for example, on your iPhone. Then go to Password Settings, and confirm that no passwords were saved on your device.
If your phone is stolen or lost remember to delink the device immediately from your online banking or RMB Private Bank App profile. It is also important to contact our 24/7 fraud desk immediately on 087 575 9444 to inform us if your device has been lost or stolen.
Be savvy, and safe
Fourie notes that RMB Private Bank clients are definitely becoming more savvy about their online security; taking on board information and tips shared by the bank. 'We've seen a huge increase in people phoning us the moment their phones are lost or stolen, which is hugely encouraging. But our recommendation is still not to store passwords on your device or in the cloud,' says Fourie. He also notes that clients are becoming more sceptical about answering questions and providing sensitive information to callers claiming to be from the bank.
That said there is always another modus operandi doing the rounds which needs to be highlighted and taken on board. Most recently fraudsters are using the element of fear to send out text messages claiming that bank accounts are being blocked, or even frozen due to FICA non-compliance, in order to lure users into clicking on links without thinking.
Fourie explains that after the client clicks on the link, 'they will access a website which looks identical to that of the bank with the only tell being that the URL (web address) is different. Clients are led to believe that they are logging into RMB Private Bank's Online Banking but in reality they are compromising their sensitive information such as their online banking login credentials, card number, OTP, and even the CVV number on the back of their card - it is like giving the keys to your house away.'
However, Fourie is quick to assure clients that RMB Private Bank's fraud experts are working hard in the background to derail scams of this sort. 'We take fraud and protecting our clients very seriously,' he says. While noting that he cannot go into specific details, Fourie stresses that the key safety takeaway right now is: 'Even if it looks like a message from RMB Private Bank it might not be. This is currently an industry-wide cause for concern. So, when in doubt, exercise particular caution.'
Another scam currently involves the comprising of email login credentials, particularly when a company makes use of a shared email address.
'Fraudsters can easily intercept and monitor these emails if one of the email users clicks on a phishing link to give them access,' explains Fourie. As a result, fraudsters can then use the email account at will to send falsified invoices with amended bank account information to the company's existing clients, using information readily available to them due to their unrestricted access to the email account. Funds are then paid into a different bank account - this being the fraudster's bank account and not that of the company that is rendering the service. Fourie explains that when making large payments, be sure to take the time to confirm bank account information directly with a service provider before making the payment, for instance by contacting them telephonically. This step guards against the possibility that the bank account information on the invoice received via email may have been altered if the company's emails have been intercepted.
And it's not just banking...so travel with care
On a related note, Fourie adds that caution online and digital behaviour should not only be the preserve of your banking universe, careful and considered digital habits should encompass all aspects of your online identity and how you navigate the technologies that have become so ubiquitous in our lives.
Fourie urges RMB Private Bank clients to consider using technology to ensure their physical security - by, for instance, switching on live location and sharing it with family members on WhatsApp when travelling - or online safety - by using an RMB Private Bank virtual card or by ensuring that holidays are booked using approved and credible suppliers.
'Globally we are seeing an increase in scams and fraud attempts,' explains Fourie. 'So, if you are planning to get away over any holiday period be sure to book accommodation using credible companies and don't, for instance, rely on Facebook or other social media. Just because a site has 1 000 followers or likes, doesn't mean you are dealing with a credible service provider. Remember, your personal information and privacy are definitely worth more than a saving few hundred rands. So, tread and transact with care.'
Fourie adds that during the holidays, scammers don't rest; in fact they ramp up their efforts to catch people off guard while their defences are down. It is particularly important, therefore, to re-familiarise yourself with the security essentials of banking and interacting online during these down times.
Bearing that in mind, RMB Private Bank's top security tips to keep front of mind are:
Institutions like banks and financial services organisations, such as RMB Private Bank, focus considerable time and attention on protecting our clients' data and ensuring our systems are safe and robust. Not only do we ensure that regulations are strictly adhered to, but our experts continuously monitor new strategies and scams being used by hackers and cybercriminals.
Ettienne Fourie, Head of Fraud Risk Management, knows first-hand the tactics being deployed by fraudsters. He notes that they are becoming more sophisticated, and the majority of frauds are committed when people inadvertently open the door to sharing vital details about themselves online or with criminals skilled at extracting information.
A particularly important point to remember at the moment, says Fourie, is to never save your banking passwords to your internet browser, mobile phone or in the cloud. While it is tempting and convenient to store your passwords on your computer or device, it is best to avoid exposing your personal information - particularly when it comes to banking and other sensitive information.
Even if you think that you have never stored your password on your computer or device, your settings might actually allow an internet browser like Google Chrome to automatically do so. If in doubt, open Settings and go to Passwords in the browser or, for example, on your iPhone. Then go to Password Settings, and confirm that no passwords were saved on your device.
If your phone is stolen or lost remember to delink the device immediately from your online banking or RMB Private Bank App profile. It is also important to contact our 24/7 fraud desk immediately on 087 575 9444 to inform us if your device has been lost or stolen.
Fourie notes that RMB Private Bank clients are definitely becoming more savvy about their online security; taking on board information and tips shared by the bank. 'We've seen a huge increase in people phoning us the moment their phones are lost or stolen, which is hugely encouraging. But our recommendation is still not to store passwords on your device or in the cloud,' says Fourie. He also notes that clients are becoming more sceptical about answering questions and providing sensitive information to callers claiming to be from the bank.
That said there is always another modus operandi doing the rounds which needs to be highlighted and taken on board. Most recently fraudsters are using the element of fear to send out text messages claiming that bank accounts are being blocked, or even frozen due to FICA non-compliance, in order to lure users into clicking on links without thinking.
Fourie explains that after the client clicks on the link, 'they will access a website which looks identical to that of the bank with the only tell being that the URL (web address) is different. Clients are led to believe that they are logging into RMB Private Bank's Online Banking but in reality they are compromising their sensitive information such as their online banking login credentials, card number, OTP, and even the CVV number on the back of their card - it is like giving the keys to your house away.'
However, Fourie is quick to assure clients that RMB Private Bank's fraud experts are working hard in the background to derail scams of this sort. 'We take fraud and protecting our clients very seriously,' he says. While noting that he cannot go into specific details, Fourie stresses that the key safety takeaway right now is: 'Even if it looks like a message from RMB Private Bank it might not be. This is currently an industry-wide cause for concern. So, when in doubt, exercise particular caution.'
Another scam currently involves the comprising of email login credentials, particularly when a company makes use of a shared email address.
'Fraudsters can easily intercept and monitor these emails if one of the email users clicks on a phishing link to give them access,' explains Fourie. As a result, fraudsters can then use the email account at will to send falsified invoices with amended bank account information to the company's existing clients, using information readily available to them due to their unrestricted access to the email account. Funds are then paid into a different bank account - this being the fraudster's bank account and not that of the company that is rendering the service. Fourie explains that when making large payments, be sure to take the time to confirm bank account information directly with a service provider before making the payment, for instance by contacting them telephonically. This step guards against the possibility that the bank account information on the invoice received via email may have been altered if the company's emails have been intercepted.
On a related note, Fourie adds that caution online and digital behaviour should not only be the preserve of your banking universe, careful and considered digital habits should encompass all aspects of your online identity and how you navigate the technologies that have become so ubiquitous in our lives.
Fourie urges RMB Private Bank clients to consider using technology to ensure their physical security - by, for instance, switching on live location and sharing it with family members on WhatsApp when travelling - or online safety - by using an RMB Private Bank virtual card or by ensuring that holidays are booked using approved and credible suppliers.
'Globally we are seeing an increase in scams and fraud attempts,' explains Fourie. 'So, if you are planning to get away over any holiday period be sure to book accommodation using credible companies and don't, for instance, rely on Facebook or other social media. Just because a site has 1 000 followers or likes, doesn't mean you are dealing with a credible service provider. Remember, your personal information and privacy are definitely worth more than a saving few hundred rands. So, tread and transact with care.'
Fourie adds that during the holidays, scammers don't rest; in fact they ramp up their efforts to catch people off guard while their defences are down. It is particularly important, therefore, to re-familiarise yourself with the security essentials of banking and interacting online during these down times.
- When in doubt contact our dedicated Fraud Security Centre on the RMB Private Bank App, which contains additional fraud functionality and other relevant fraud information. Please take the time to familiarise yourself with our Security Centre.
- Remember RMB Private Bank will never ask you to share your username, password or OTP (One-Time PIN).
- Always know who you are dealing with. People claiming to be phoning from the bank might not actually be from the bank. This includes emails and SMS communication.
- Never click on any suspicious links or attachments contained in an email, or a WhatsApp message.
- Immediately contact our 24/7 fraud line on 087 575 9444 to delink a lost or stolen device (including your lost or stolen cellphone) or to report a fraudulent transaction.
- Take the time to confirm account information when making large payments on an invoice emailed to you. Always confirm bank account information directly with a service provider on the phone before payments are made.
- Make informed choices regarding which email address to use, since some email services are not secure.
- Enable additional security-related features to protect your email account, such as two-factor authentication.
- Perform frequent anti-virus and malware scans on your personal computer and mobile device, using software that is up to date.
- Use unique and strong passwords. Don't use one password for multiple profiles and accounts.
- Limit the amount of personal information that you publish on social media and apply privacy settings where appropriate.
- Guard your personal information and login credentials like a hawk - remember sensitive information, such as your login credentials and card information, is the new gold, so keep yours under lock and key!