Dr. AbdelGadir Warsama Ghalib
PHISHING THREATENS E-BANKING & E-TRANSACTIONS
Dr. AbdelGadir Warsama Ghalib
Phishing, this relatively new electronic crime, refers to luring techniques used by identity thieves to fish for personal information in a pond of unsuspecting internet users. It is a general term for the creation and use by criminals of e-mails and websites that have been designed to look like they come from well-known, legitimate and trusted businesses, financial institutions and government agencies. These disguised criminals deceive internet users into disclosing their bank and financial information or other corporate or personal data such as usernames, password and websites…etc.
Phishing continues to be regarded as one of the most rapidly growing classes of identity theft scams on the internet that is really causing both short-term loses and long-term economic damage, to individuals as well as companies.
Recent available data indicates that criminals are increasing the number of consumers who have suffered credit card fraud, identity fraud, and financial losses. Estimated losses from phishing attacks are now in billions of dollars worldwide and those losses are tremendously growing. An urgent action to combat this threat is required immediately. Already, there are some protective measures, however, more in needed.
Depending on the type of fraud that a criminal commits with the aid of stolen identifying data, individuals and business may lose anywhere from a few hundred dollars to tens of thousands of dollars… and more.
Phishing also poses a particular threat because techniques used are constantly evolving. For example, “vishing” which is one of the forms of phishing that involves identity thieves sending an e-mail designed in the same way as a phishing e-mail, yet instead of providing a fraudulent link to click on, the e-mail provides a customer service number that the client must call and is then prompted to “log- in” using account numbers and passwords.
Alternatively, consumers will be called directly and told that they must call a fraudulent customer service number immediately in order to protect their account. We are, encountering such threats daily.. No one is away from this wave.
“Spear” phishing, also, is a technique whereby e-mails that appear genuine are sent to all the employees or members within a certain company, government agency, organization or group.
Much like a standard phishing e-mail, the message might look like it comes from an employer or from a colleague who might send an e-mail message to everyone in the company, in an attempt to gain log- in information. Spear phishing scams work to gain access to a company’s entire computer system.
The financial & business sectors are the most heavily targeted for phishing schemes and this network spreads to cover all leading banks and financial institutions as well as small entities and no one is protected from this new electronic crime going all around the globe and crossing boarders without being promptly noticed.
The short term effect of these scams is to defraud individuals, companies and financial institutions. It has been noted that in some phishing schemes, criminals were able to convince up to at least 5% of their recipients to respond to their e-mails, resulting in a significant number of consumers who have suffered credit card fraud, identity theft and financial loss.
In the long run phishing may also undermine public trust in the use of the internet for online banking and e-commerce because phishing can make them less likely to use the internet for their business transactions and legitimate commerce communications.
Due to the seriousness of this e-crime and the threats to the e-banking and e-transactions and related e-commerce, we believe that a strong legislative framework is fundamental and urgently required for combating identity theft and other mechanisms and / or methods used to that end such as phishing and vishing….
The criminal codes and internet regulations should be revised with the intention of defining and punishing such new trend of e-crimes. Moreover, banks and financial institutions are urgently required to take all technical appropriate measures to defend their systems from such intruders and trespassers. Beware..