DAWN.COM

Today's Paper | November 08, 2024

Updated 24 Jul, 2020 02:40pm

Here's how you can protect your bank account from a socially engineered attack

We live busy lives. From constant communication to safe, secure and swift banking needs, people today need a whole lot of flexibility and control on their finger tips, and digital banking services enable just that.

The banking industry of Pakistan has seen dramatic change in the recent times. On the consumers' end, there has been a positive shift in how innovative banking services are received and availed. More and more people in the country are switching towards apps, e-banking portals and other digital ways of banking.

UBL Netbanking and UBL digital app are platforms that have been offering customers simple, convenient and secure ways of managing their funds from anywhere in the world. The platform is seen as one of the country's most trusted banking portals due to its robust security features.

UBL's user-friendly digital app brings to customers exciting features that are tailored to enhance their e-banking experience, provide complete financial liberty and security, and the option to manage their entire digital lifestyle on the go.

It offers features such as Instant Mobile top up, Utility bill payments, IBFT (Funds Transfer), school fee payments, QR payments and much more.

Risks of online banking

While e-banking is a convenient method of managing funds without heading to a physical bank branch, it comes with its own sets of risks.

Thanks to social engineering now becoming excessively common in Pakistan, customers of several banking institutions have seen an upward trend in the reporting of fraudulent, socially engineered calls and scams; the trend has been gradually picking up during the past few months.

What is social engineering?

A term used for broad range of malicious activities carried out through human interactions, social engineering uses psychological manipulation to trick users into making security mistakes.

The practice convinces victims to give away sensitive banking information, which often includes their ATM PIN, OTP, passwords etc.

Most attempts of social engineering take place in more than one way; common examples include phishing and vishing attacks.

Phishing attacks commonly trick bank account holders into spilling confidential information, while vishing attacks usually send out voice calls to victims, often mimicking bank's official representatives to gain trust from the victim's end.

Spoofing calls are also one common way fraudulent activity is carried out. Using VoIP services or IP phones over the internet, spoof calls alter their original caller ID by copying a bank's official contact number to look authentic.

How to identify a socially engineered phone call

Though there may be numerous ways a call can be socially engineered, here are few signs to keep in mind:

  • The caller expresses a sense of urgency and asks for sensitive information like ATM PIN, OTP etc.

  • The caller uses a tone that is harsh and somewhat domineering

  • If you don't give your banking information away, the caller threatens that your account and funds will be frozen or blocked

  • The caller spoofs the call which makes the Caller ID show the victim's bank's official helpline

How to protect your identity and bank account

One should always remember that banking institutions, UBL in particular, do not call customers to ask for their OTP, passwords, ATM Pin, User Id etc.

Customers should be mindful when giving away any important banking information over phone, and should refrain from taking calls that explicitly sound tricky.

If a caller pressures for information incessantly, hang up immediately and use caution.

The situation in Pakistan

While urban areas of Pakistan report standard cases of spoofing and scams that utilise methods discussed above, it is the rural areas that are affected the worst.

Since digital awareness and education is still one of the biggest hurdles in securing the rural clientele of Pakistan's banking institutions, it is harder to ensure their accounts' safety.

Abusers of spoof calls commonly ring up account holders from rural areas and introduce themselves as representatives of the State Bank of Pakistan.

Upon receipt of important account details and information, these callers sign up on digital banking apps and transfer victims' funds to their accounts. This way victims end up losing all their money.

What is UBL doing to educate account holders?

To put an end to such activities, UBL has been educating all of its account holders on the issue.

It is key for customers to understand that information related to their bank's PIN, OTP, passwords etc is strictly confidential, and that the bank does not require it for any of its services at any level.

The bank has been running several campaigns online as well as offline to educate its customers across Pakistan; this also includes messages sent in the form of SMS and emails sent from the bank to its customers in both English and Urdu.

UBL has also encouraged account holders to familiarise themselves with the many secure features offered on their user-friendly digital app.

Advanced security measures like facial ID recognition have been incorporated by the bank on the app to enable a secure environment for financial transactions with complete peace of mind.

UBL's app also allows QR Payment Facility which allows cashless transactions at shopping outlets and is a convenient way to exchange money by simply bumping phones together. In today's challenging times, this facility enables secure and contactless shopping experiences.

The app also allows users to send money from their phones to people who don't own a bank account, anywhere across the country. With the largest network of over 35,000 touch points, customers can withdraw cash from any UBL Omni agent.

UBL has also been actively promoting its awareness initiative on its social media platforms.

To find out more, head over to the bank's official Facebook page.


This content is produced in paid partnership with UBL and is not associated with or necessarily reflective of the views of Dawn.com or its editorial staff.

Read Comments

What is Project 2025 that is being linked with Donald Trump? Next Story