In a recent spate of smishing and vishing attacks, National Commercial Bank Jamaica Limited (NCB) customers have lost millions to scammers in the past two weeks, after clicking on links and divulging their personal banking details to fraudsters. While victims of these attacks may be reimbursed by NCB after investigations are concluded, the bank has signalled the need for customers to be more vigilant and to take greater personal responsibility.
“Jamaica’s equivalent of lotto scams is banking scams. With lotto scams, each individual holds the key to protecting themselves vby not sending the money requested for various urgent reasons. With banking scams, each individual holds the key to protecting themselves by not clicking on links or sharing personal information,” shared Dane Nicholson, Manager of Special Investigations in the Fraud Prevention Unit at NCB.
“NCB has spent millions educating customers about not clicking on suspicious links since 2016, yet this behaviour continues. We have invested billions of dollars on technology to protect our customers. We send text messages and emails with transaction alerts so customers can detect suspicious transactions, and online and mobile banking customers are secured with an RSA token, which requires dual authentication for certain transactions.
All these tools still require customers to take personal responsibility in protecting their sensitive banking details such as PIN, token code and password. Even if you spend a lot on a home alarm or grille system, if you share your alarm code or let in a stranger, these investments will not protect you.”
Nicholson continued: “NCB does not send customers emails or text messages requesting them to click on any link to take action. We have a firm no-click, no-link policy, and we will never ask customers to share their personal private banking details with us through email, SMS, or phone call.”
HOW TO SPOT SCAMS
NCB’s Fraud Prevention Unit encourages customers to take all precautions against scammers, and shared the following tips:
• Unless you call the bank for help with resetting your account password/PIN/user name/RSA token, never share any information relating to your account. Please note you should never share your account password and PIN with anyone.
• Never click on links received in emails or text messages — especially when it relates to your bank account, credit or debit cards. We recommend that you contact the bank directly to verify if something is indeed wrong with your account or visit the nearest branch for assistance.
• Be careful where you shop online with your credit card. Ensure that the website you are using is secure before entering your card information on those websites. Check for the small padlock icon in the address bar, and look for websites whose URLs or addresses start with ‘HTTPS’.
• Don’t enter online sweepstakes asking for personal information. Also, if you’ve never entered a competition and you get an email or text message saying you’ve won a competition — chances are, it’s a scam.
• Avoid ‘account-loaders’ on social media at all costs — or it will cost you. Account loaders typically prey on account holders on social media, asking them to share their account information with them in exchange for payment. These scammers simply want access to your account to help them with money laundering when they steal from others. What’s worse, once they have access to your account — they’ll steal from you too.
• If a customer has already clicked a suspicious link, and shared their private banking information, NCB urges them to immediately report it to the bank’s customer care team so that their cards and accounts can be blocked.