Banks' presence in social networks has brought many benefits, especially for their contact with the client and the service they provide. It has allowed to enhance connection and communication, resolve concerns, report news. In fact, a McKinsey & Company study found that more than 40 percent of consumers prefer to connect with customer service through social media.
However, in recent times we have not been tired of hearing about frauds committed by these means when criminals contact their victims posing as advisers to these banking entities. Once they manage to gain their trust, they request sensitive data that no bank would ask for through these channels. The cunning of the criminal and the lack of awareness of the user about the risks to which they are exposed on the internet and social networks, how to detect them and how to prevent them, are the perfect combination so that fraud or information theft is at hand since what they seek is not to violate the bank but the user.
In this type of deception, the offender creates a false profile that simulates the original with some accuracy (it is a false copy with all the characteristics that an official one should have, as a false bill) and seeks to contact people who fall into the trap. It is not an intrusion into our computers or a virus that seeks to take control of them, but, on the contrary, seeks contact with users and gain their trust so that they are willing to deliver all their sensitive information (users, keys, token, etc.) in just a few minutes of conversation.
How do we realize that we can be a potential victim?
As I mentioned, beyond the fact that the user who contacts us uses the logo of the bank and his name in his account, we can realize that it is a false account due to the number of followers and the publications he also has, if it is a verified account, or not, the date of creation of the profile and asking for data that we did not give.
However, we must always keep in mind that no bank will ask for personal data or sensitive information such as access codes, passwords, user names, etc. If we notice something suspicious in the contact, it is best to abandon it, not provide more information and immediately contact the bank we operate. The same if we have already provided sensitive data, we notify the entity while changing all the access credentials to our accounts and ATMs.
Keeping our devices protected and updated can help us create additional security. Still, the best tool will always be to be aware of our use of the internet and social networks and to know that our private information is not shared by these means. Stopping criminals is a more difficult task, as every day, they are sharpening their techniques to achieve their mission.
Neither the solution is to close the profiles of the banking entities. The challenge is placed on users and educating them to be responsible for their use of these social media. You can also turn to a security professional to carry out “digital custody” of the networks, verify the possibility of being compromised, and minimize the risks. Each of us, as users, can do the same with the responsibility that this requires.
You must be logged in to post a comment.