Community
The internet is great, no doubt about it. Millions of people can’t imagine their day without using it at least once. Sadly, as soon as people get cozy with something, they are more prone to slipping into dangerous situations. And online, one of the biggest dangers is data breaches. The news of massive information breaches became common, especially when it comes to social media. Recently, reports of a data leak of half a billion Facebook users [1], and 500 million LinkedIn accounts [2] emerged. And although Facebook claimed that the particular leak happened in 2019 and is now secured, the experts explain that this information still can be used by data brokers. [3] Because of this, your private information can be sold to third-party companies resulting in unwanted targeting ads and annoying phone calls, to say at least. The worst part is that your data can be used for fraudulent actions against you, resulting in money loss.
How are personal data breaches dangerous for financial crimes?
Almost every piece of your private data can be used against you by individuals with malicious intentions.
One of the most common financial troubles that can occur is identity theft. It’s when a scammer pretends to be you and utilizes your data for this purpose. Even with as little as a full name and an address, a criminal can still access a publicly searchable database to dig more information.
After finding even more about their victim, a fraudster can open credit bank accounts in your name, access your current accounts, or use a SIM swap scam. The latter means that the fraudster will contact your mobile phone provider and try to convince them to port your phone number to the scammer’s SIM card using all the info they’ve gathered.
Unfortunately, identity theft cases only grow with more people doing their shopping online during lockdowns. The OpSec’s 2020 global survey showed that 86% of consumers experienced identity theft or fraud. [4]
Getting back to social media leaks, these can affect not only your finances but your job too. Imagine if someone gets a hold of your LinkedIn account’s data: your work email, information about colleagues, events you partake in, business partners, etc. Sometimes this information is enough to create and send a compelling malware letter to your staff’s emails and pose a serious threat to the company’s data and money.
And there is also a classic scam when fraudsters call you and pretend that they are your bank’s representative. To convince you, they start spitting out your personal info to manipulate you into sharing the card details over the phone.
These are just a couple of examples of how a data leak can result in money loss.
What are the ways to secure your data?
Although social media, merchant websites, and other internet entities must provide the means necessary for data security, you can’t only rely on them. Hence, we offer some tips on how to make sure that your personal information will not be used against you.
Set complicated passwords. Use different passwords for every website/service you log into. These should contain numbers and special symbols; you can generate complex passwords with online free services. Don’t save the password in the browser.
Stop oversharing. Try not to spill too much private information online – like photos of your house, geolocation, etc.
Let sites double-check your identity. If a website offers two-factor authentication don’t hesitate to apply it.
Double-check your security after breaches. If it comes up in the news that the website you have an account on has been breached, you should act ASAP. You can check if your email or phone number was leaked via online checking services. We advise you also change the password.
Learn about your company’s security measures. Each business has its own security rules to prevent data breaches – follow these to avoid unnecessary risks. Always be cautious: don’t open suspicious emails and attachments in them, and do not share any sensitive data about your company with unauthorized people. Remember, an average cost of a data breach is $3,86 million total, according to IBM Security [5].
Don’t fall for the oldest tricks in the book. Always keep calm and collected if someone calls you and claims that you owe them money, or that your bank account will be terminated, etc. Scammers use these tactics to make you panic and lure out more of the private details. Don’t share your financial data like credit card number, CVV, passwords, and security question answers – your real bank or PSP won’t ask you these!
Speaking of financial institutions: when choosing one, you should always pay attention to which security services they offer to keep your money and data safe.
What to know about your bank’s safety
The security of funds and information is a priority for most brick-and-mortar banks and Fintech companies. As scammers come up with more ways to access your data, financial institutions have to constantly improve their security policies.
Catching up with all the safety demands is not a walk in the park. In 2020, traditional banks had a hard time adapting to the pandemic scenario, as most of the branches were closed during lockdowns. For instance, in the UK, 79% of the surveyed bank employees admitted that working from home influenced their financial crime prevention effectiveness negatively. [6]
Even though Fintechs have more experience in providing digital services, they too had to deal with growing numbers of online shopping scams. In August of last year, 31% of fraud examiners worldwide observed a significant increase in payment fraud risk. Almost half of them believed that it would remain significant over the next year. [7]
The financial institutions realize that cybersecurity is their concern number one for 2021. 64% of financial firms surveyed believe they will spend on cybersecurity measures even more than in 2020. [8]
With that said, we recommend you choose a bank or a Fintech company thoroughly if you want your money and data protected. Of course, you can’t know the full scope of the bank’s security strategy and everything that’s going on backstage. But here are some tips on how to choose a safe payment service provider by using the information that can be found on their website:
They seriously care for personal data. Your financial institution should be compliant with Payment Card Industry Data Security Standard – PCI DSS for short. This standard ensures that the environments in which you use your payment cards are secured, and your financial data is protected. All the participants that take part in storing, collecting, and processing your credit card details must comply with PCI DSS, otherwise, it may not be as reliable.
If you live in the European Union, the same goes for the General Data Protection Regulation compliance. GDPR includes strict security rules on the collection of clients’ personal data. Make sure your bank or PSP follows this too.
Even such a minute thing as the use of TLS/SSL can show whether the financial institution cares about securing your private details. If you see a padlock symbol at the beginning of the website’s URL it means that a third-party entity cannot see the connection between a server and a client, as it is encrypted.
Analyze their registration process. If you need to log into the bank’s website to open and manage the account, keep a close eye on how this happens.
Remember the identity theft issue? Some payment service providers, address this problem right away. To start the account, you need to confirm your identity via real-time verification. All that is required is that you have your ID card and take a picture of it. Then you will snap a quick video selfie to complete the verification. Not only the process is simple, but we will know for sure that nobody has stolen your data or ID to open an account.
Of course, different banks have other ways to confirm you are the one who logs into the account: for instance, you will need to enter an OTP or use biometric data.
Some financial institutions allow you to create an account via your social media profile – this scenario is more unreliable and we don’t recommend using it.
Learn how they protect your finances. Sadly, data leak protection and identity verification are not enough. A bank or a Fintech must have the tools necessary to address credit card fraud. As criminals that steal your data can use it to make fraudulent transactions as well.
Contact your bank manager for more information, and find out about additional reports and notifications you can set for the transactions. This way, you can always track your money flow and be notified if something is wrong.
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Andrew Ducker Payments Consulting at Icon Solutions
19 December
Jamel Derdour CMO at Transact365 / Nucleus365
17 December
Andrii Shevchuk CTO & Co-Partner at Concryt
16 December
Alex Kreger Founder & CEO at UXDA
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.