Beware, phishers on the prowl

With the Internet, humanity seems to have been stripped of secrets, spiking personal data compromise. ONYEKORMAKA ASABOR peeks into the world of fintech fraudsters

If there is any conspicuous impact Information and Communications Technology has brought to bear on mankind, it is turning the world into a global village. It is, therefore, not a hyperbole to say that the world, particularly in the area of financial services, is fast becoming cybernetic, and virtually every country is seamlessly adapting to the change.

The number of Internet users in Nigeria stood at 108.75 million in 2021, according to Statista, and the figure projected to grow to 143.26 million in 2026. Despite, Nigeria seems capable of adapting to the technological change.

Thus, the Internet penetration amounted to 51.44 per cent of the population in 2021 and is set to reach 59.92 per cent in 2026.


Ebanking: Curse or blessing?

Notwithstanding the advantages inherent in the Internet, not a few Nigerians ask if electronic banking is a blessing or a curse, as the upsurge in the hacking of bank customers’ accounts has become worrisome.

Aptly put, our banks and other financial institutions have become more vulnerable to cyber crime so much that depositors lose sleep, as scammers, each passing day, scavenge the financial technology space in a reprehensible business that is tagged ‘Yahoo Yahoo’.

With the upsurge in the number of people into Internet and mobile banking, cyber crime has been growing steadily over the years.

Cyber crime involves credit card fraud, spamming, spoofing, e-money laundering, Automated Teller Machine fraud, phishing, identity theft and denial of service.


Scammed via loan app

This treatise was triggered by a sad experience of a bank customer, Dan (not real name), whose savings account was recently hacked into.

Dan used his bank’s Facebook customer service platform without smelling a rat, as the platform’s design was the same as that of the bank. He had applied for a 1loan and N200,000 was approved.

He narrates, “While chatting with the purported bank staff, he requested that I press a digit, I think it was figure one, and subsequently figure two, and further requested the last six digits of my ATM, which I gave him. It was when he asked for my password that I queried what all the details got to do with loan approval.

“Sensing that he was being suspected, he posted his identity card to me, but I still declined his request for the password, and told him that I was no more interested. So, he typed on the chat box, ‘Use 065140 as your one time password, expires, 11.33am.'”

The chat ended. About one hour later, Dan got a notification from the bank indicating a debit of N1,500 as e-token charge.

“Unfortunately, on January 19, 2022, my account was hacked into, and the N12,800 balance in the account was transferred to one Abu Mohammed’s Credit account 0001775069 and Credit Bank Code as TAJ BANK. The foregoing details were conveyed to me through an e-mail from my bank.

“Immediately I saw the debit alert, I blocked my account through the bank’s Unstructured Supplementary Service Data code installed on my phone, and went straight to the bank the next day to report the case,” he stated.

He also requested a new ATM card.

As if that was not enough, on January 31, 2022, Dan received a message, “A device was added to your mobile banking. Please dial *966*911# if you did not initiate this request.” He explained that the SMS, which was received 2.10pm was followed with another, “Your request to update your account information request is being processed. Please dial *966*911# to block your account, if you did not initiate this request.”

Not long, another SMS followed, “Your mobile password was successfully changed. Dial *Dial *966*911# or call 012787000 if you did not initiate this request.”

It was obvious that Dan had all the while been dealing with a phisher.

A phisher is a person, who tricks Internet users into revealing personal or confidential information, which can be used illicitly.


Experts speak

An Information Technology expert, Mr. Dele Ajiboye, said a phisher would use emails to scam an individual of their money.

According to him, phishing is different from a lot of other scams because these crooks are not trying to get you to buy anything; they are just after information. 

“Phishing is a method scammers use to gather personal information from bank account holders by using deceptive e-mails and websites.

“The availability of phishing kits makes it easy for cyber criminals, even those with minimal technical skills, to launch phishing campaigns. A phishing kit bundles phishing website resources and tools that need only be installed on a server. Once installed, all the attacker needs do is to send out emails to potential victims. Phishing kits, as well as mailing lists, are available on the dark web.”

Some phishing kits, he added, allow attackers to spoof trusted brands, increasing the chances of someone clicking on a fraudulent link.

It is not an exaggeration to say that social media platforms, particularly Facebook, are flooded by phishers, who advertise availability of loans from banks. Some spuriously claim they could assist aspiring entrepreneurs to start up, particular in the area of agribusiness, moreso as the Federal Government of Nigeria has designed facilities for Small and Medium Enterprise investments as a way of promoting agribusinesses for Micro, Small and Medium Enterprises.

To secure any of the purported loans, applicants, mostly Internet users, are tricked into revealing personal or confidential information, which can then be used illicitly, Financial Street gathered.

It is still surprising to many, particularly to the Dans of this world, how easily an account can be hacked for the second time, even with a blocked account and new ATM card with new password.

Another IT specialist, Gabriel Igwebueze, disclosed how phishers could be recognised.


Red flags

According to the leadership of Facebook, on its Meta Business (formerly Facebook for Business), things to watch out for on its Messenger platform to void being scammed.

He listed some of those one should deal carefully with.

“Beware of anyone asking you to pay a fee to apply for a job, unverified pages claiming to represent a large organisation or public figure, people asking you to move your conversation off Facebook to a less public or less secure setting, such as a separate email, people asking you to send them money or gift cards to receive a reward, anyone claiming to be a friend or relative in an emergency, people who misrepresent where they are located, messages or posts with poor spelling and grammar and people or accounts directing you to claim a prize,” he warned.

Get in Touch


Please enter your comment!
Please enter your name here

Related Articles