|
|
 PROTECT YOURSELF ONLINE
|
Types of fraud
|
|
Currently there are a number of types of online fraud that are prevalent; they are:
Keystroke loggers/Trojans. Users are tricked into downloading a piece of software onto their computer by either visiting a compromised website, opening an attachment or following links in an email. This software captures ‘users’ keystrokes, including Online Banking log-on details, and sends them back to the fraudster. The fraudster can then access the user’s Online Banking and make payments to themselves or their accomplices.
Spyware. Similar to Trojans, spyware is a type of software that the user may or may not be aware they have downloaded. It secretly gathers information about a person to be a passed on to advertisers or other interested parties. Using a computer that carries spyware software can compromise any financial information passed through the web, including online shopping and accessing financial information.
Email fraud (‘phishing’). Users receive an email that appears to be from their financial institution directing them to a false bank log-on page and are asked to enter their Online Banking log-on information to ‘verify’ their username and password details. Emails of this nature may suggest that:
 the financial institution is updating its security system; or
you are required to verify your log-on details for security purposes; or
there have been a number of these ‘phishing’ scams lately and that the financial institution will lock users accounts for their protection unless they verify their information.
As before, the fraudster can then access the user’s Online Banking and make payments from it.
Online employment scams. Emails or fake job advertisements claiming to be from legitimate businesses are sent widely to Internet users. These are looking for people to act as New Zealand distribution agents. The ‘agent’ has funds deposited into their account, supposedly from the company’s ‘sales’ in New Zealand, and is then asked to send it overseas in exchange for a commission. In fact, the money is usually stolen and the New Zealand ‘agent’ is being used to launder it, which is a criminal offence.
Uncleared funds scams. Electronically deposited funds take a minimum of two days to be cleared. Similar to online employment scams, emails or fake job advertisements claiming to be from legitimate businesses are sent widely to Internet users. These are looking for people to act as New Zealand distribution agents. The ‘agent’ has funds deposited into their account, supposedly from the company’s ‘sales’ in New Zealand, and is then asked to send a portion of it overseas, e.g. 80% of it - the remainder being their commission. In fact, the money that initially appears in the New Zealand ‘agent’ account is dishonoured two days later and the New Zealand ‘agent’ has already sent on 80% of the amount out of their personal funds. This same type of scam has also been perpetrated using online trading websites such as Trademe and eBay, where the buyer ‘accidentally’ overpays by supposedly typing an extra digit on the funds transfer and asks the recipient to repay the overpaid amount. The accidental recipient (the auction seller) ‘repays’ these funds that initially appear in their bank account only to find that two days later that the initial payment is dishonoured and they have already paid away the ‘reimbursement’ of funds.
|
Tips for avoiding online fraud
|
|
Always access Online through the WBS website. Never click on an emailed link. To make it easy, you may wish to bookmark the WBS home page or log-on page by adding it to your ‘Favourites’ folder. Alternatively, we recommend you type in the web address yourself.
When using Online Banking, ensure the pages are secure. Check that the address starts with ‘https’ and that a padlock icon appears at the bottom of your screen (the WBS Online Banking site is secure but does not show the address bar with ‘https’ in it except in the Status Bar when you place your mouse over the button to enter Internet Banking, it does however show the gold padlock at the bottom of the screen).
Never disclose your Online Banking password to anyone and never store your password anywhere, in written or electronic form. Your password must not be one that can be easily guessed or be identified as relating to you. It's also a good idea to choose passwords that are different from any other you have used on the Internet. For more information on choosing and protecting passwords and pins, please download the two page brochure ‘Protecting your Cards, Pins and Passwords’ from the New Zealand Bankers' Association.
Change your password regularly. We recommend that you change your password at least every three months.
Do not leave your computer unattended while connected to the Internet. Always log-off and disconnect when you’ve finished using Online Banking.
Be cautious when using shared or public computers. Ensure that the firewall and virus checker are up to date and do not leave the computer unattended.
Be cautious with emails from people or companies you don’t know. Don’t open or install email attachments and never click on an emailed link to go to WBS Online Banking log-on page.
Check your bank statements and report any suspicious transactions to WBS.
|
Security Software
|
|
Install and use personal firewall, anti-spyware and anti-virus software. We recommend that you install and maintain personal firewall, anti-spyware and anti-virus software and update it regularly. Using alternative web browsers is another way of protecting yourself as often hackers try to utilise weaknesses in certain web browsers. It therefore pays to ensure your web browser is kept up to date. It is also a good idea to use an ISP who provides some form of spam blocking. Some current providers of protection software are listed below (these links are to software that is free for non-commercial use - WBS provides these links as is and does not support these vendors in any way):
|
What to do if you think your online security has been compromised
|
|
If you suspect that your online security has been compromised, contact WBS immediately on 0800 22 55 92 or (64 6) 370 0070.
We will need to reset your password after comfirming your identity, but you may still need to seek professional computer assistance if, failing the above suggested software solutions, your PC has taken on some malicious code and the problem is recurring.
|
|
|
