Online banking fraud
Another type of fraud that has become increasingly common in recent years is online banking fraud.
Online banking fraud occurs when the criminal gains access to and transfers funds from an individual’s online bank account. In some cases, an individual may be duped by a criminal into making a fraudulent money transfer themselves. How does this take place?
Victims are directed, by the criminal to fake websites usually by emails which appear to originate from legitimate sources. The victims are then tricked into revealing personal information, including bank details.
Vishing takes place when the criminal phones a potential victim and poses as someone from a legitimate organisation, such as a telephone company or internet provider. The criminal will then attempt to get the customer to disclose personal or financial information, which they will use for their own fraudulent purposes, or get the customer to transfer money to a fraudulent account.
Malware is malicious software, such as a virus or Trojan, which can be hidden in attachments and free downloads. It can interrupt your online banking sessions and present you with a fake – but seemingly genuine – screen, prompting you to enter passwords and codes that can be captured. This information can be used by criminals to access your online accounts and make fraudulent payments
In this type of fraud, the criminal steals a victim’s identity to do one or more of the following:
Open an account in the victim’s name (application fraud)
The criminal may use information obtained from stolen or discarded documents (eg bank statements or utility bills).
Take over the victim’s account (account takeover)
The criminal uses phishing or other forms of social engineering to obtain the victim’s personal information and then dupes the victim’s bank into believing the victim has changed their address. This allows the criminal to take over the victim’s account.
Account takeovers can also take place by the fraud criminal socially engineering the victim’s details (through Phishing, Vishing or Smishing) and take over the account online, so there is no need to dup the bank.
© Coventry University. CC BY-NC 4.0