Banks are fighting an uphill battle to protect themselves and their client accounts from cyber attacks, and the sometimes careless use of social media by customers and staff isn’t making the fight any easier.
British police and banks this week warned customers about the rise in criminals using social media to strike up a relationship and then try to get money from them.
Personal details from sites such as Facebook, Twitter and LinkedIn are also being used by fraudsters to scam customers, including to help in the increasingly common practice of “vishing”, or voice phishing, industry sources said. “Vishing” involves fraudsters calling and saying they are from the bank. They say there is a security problem, and ask the customer to call the emergency number on their bank card. But the fraudsters never hang up and create a fake dial tone to convince the customer to provide account details or even transfer money to another account.
Revelations this month that hackers had obtained details of 83 million customers of JP Morgan — one of the biggest data breaches in corporate history — have shown how vulnerable banks remain, despite spending hundreds of millions of dollars a year on cyber defences. That was a complex attack, but far simpler frauds involve scammers using social media profiles to obtain a fuller picture of potential victims, bank industry sources and fraud investigators said.