Dane Nicholson, Manager for Special Investigations in the Fraud Prevention Unit at NCB
National Commercial Bank (NCB) says over the last ten days, there has been a significant increase in the number of its customers who have been defrauded by scammers.
The bank on Wednesday revealed that cyber security attacks, known as phishing, smishing and vishing have resulted in customers being robbed of $17 million.
Dane Nicholson, Manager for Special Investigations in the Fraud Prevention Unit at NCB, told Radio Jamaica News that scammers have been targeting customers via text messages (smishing), emails (phishing) or phone calls (vishing) purporting to be from the bank.
In a phishing attack, Mr. Nicholson explained that fraudsters will ask customers to click on a link to regain access to their account after giving them the impression their account is "either locked due to suspicious activities or their password is about to expire or something of that nature".
"Once the customers click on the link, the link takes them to a landing page which looks similar to NCB’s landing page and it asks the customers to provide the username and password. Once the customers click 'next' then it normally times out and nothing else happens after that."
Mr. Nicholson noted that in these attacks, the scammers use the information obtained illegally to get the customers to provide personal data and verify transactions.
Where fraudsters call customers or pretend to be employees at the bank, this is known as vishing.
"We have seen in cases where they have even called the customer pretending to be me, asking the customers to verify certain transactions that they are seeing on their account and [saying] that they have seen other suspicious transactions and in order to stop the fraud now, they need the token code from the customers," Mr. Nicholson revealed.
"So, what a vishing attack does now is to give them the token code in order to add beneficiaries because they would have used the smishing attack to get the customer username and password and now the vishing attack would give them the token code in order to add beneficiaries to transfer the customers funds out now fraudulently," he explained.
The NCB fraud prevention manager said the scammers are also increasingly using social media sites such as Instagram and TikTok to target customers.
The fraudsters will set up pages purporting to be able to load customers' accounts with funds because they have "a link in NCB".
"They'll give the customer a 10 or 20, 30, 40 per cent cut, depending on how genuine the fraudster is. But all the fraudsters are doing is asking the customers for their username, password and token code and then take out a digital loan and leave the customer with this bag to repay those loans."
Mr. Nicholson reiterated that customers who provide personal information to the scammers and who obtain loans, will have to repay the debts.