RIYADH: The Saudi Central Bank, also known as SAMA, has renewed its warning about cyber fraud, urging people to be cautious with their data and ensuring the websites they use are trustworthy.
SAMA has repeated these warnings several times recently as people come forward with their stories about scams and financial losses.
Wedad, a teacher, summed up her experience. “My money was stolen in two installments from the bank,” she said.
She was waiting for a shipment from a UAE warehouse when she got a text message. “The name was close to the original delivery company,” she told Arab News.
Abdul Aziz Al-Hammadi, CEO of Tuwaiq Academy. (Supplied)
A second text arrived minutes later from the original delivery company, telling her to click on a link and pay the amount of money specified.
“Indeed, I received a message and the activation code came from the original delivery company, with evidence of its sequence, I mean from the official messages that I received from the company I use to deal with for parcels. So I trusted (it) and took the activation code and registered it.”
The amount withdrawn in the beginning was only SR16 ($4.26). She was used to paying through the app, but this time she received a form. She filled it in with her bank details. “Unfortunately I paid the amount. I was somewhat surprised that the process (looked) as if it had not been completed even though I received the phrase ‘loading’ twice. The first time was SR740, and the second (was) SR1,480.”
Fadhel Al-Buainain, a member of the Saudi Economists Association. (Supplied)
Fraudsters blackmailed people emotionally and Saudis were emotional to a large extent, according to Dr. Jamal Al-Tuwairqi, a consultant psychiatrist at King Abdulaziz Hospital in Riyadh.
He said people were deceived by fraudsters for several reasons, including curiosity, a lack of attention, and some people thinking their awareness of criminals’ tricks made them continue the communication. Some people also claimed they were able to confront fraudsters or uncover their deception.
Jamal Al-Tuwairqi, a consultant psychiatrist at King Abdulaziz Hospital in Riyadh. (Supplied)
Fraudsters resorted to various tricks, playing on people’s emotional side in particular. They communicated with Muslims during Ramadan and Christians during their holidays, taking advantage of people’s emotions.
Al-Tuwairqi said there should be an educational awareness program for the community featuring real stories and showing that the issue was more serious than people thought.
Assem Al-Essa, a formerly consultant in the Banking Dispute Settlement Committee at the Saudi Central Bank. (Supplied)
Social engineering and phishing were some of the most widespread operations faced by technology users because of the strong connection between financial transactions and the internet and people’s leniency in the procedures for keeping their data private. “This leads to the exposure of users to the theft of their money or private data,” said Aziz Al-Hammadi, CEO of Tuwaiq Academy.
He believed that one of the main reasons for exposure to financial fraud through technology was that banking operations were linked with technology and there was an ease in banking because of this link.
But many people were ignorant about digital security and tolerated interaction with fake links, anonymous emails, and even calls from people claiming to be bank representatives.
Al-Hammadi, who has spent more than two decades in the technology sector mostly in telecommunications and networks, said there were many signs of theft. The most important were unauthorized bank card withdrawals, even if the amounts were small.
“Contact the bank quickly and ask to stop your card in case you have to. If you see the temporary access code on your mobile phone and you are not the reason for it, contact the bank directly and ensure the security of your account and change its secret numbers directly.”
Al-Hammadi advised those dealing with banking and financial services online not to disclose any private information to anyone, relatives, or strangers, including card numbers, bank accounts, and secret numbers, as nobody would ever ask for these details, including the bank itself.
“If anyone asks for it from you, know that he is a thief who wants to steal (from) you as soon as you interact with him. Be careful in dealing with links that you receive on email or various means of communication. Do not interact with a link that you suspect, and it is preferable that you do not enter your credit or bank card information except on sites that you completely trust,” he warned.
Fadhel Al-Buainain, an economist and banker, said there was a deep financial impact on those exposed to fraud once their account was emptied or their credit card was maxed out.
There was also an impact on depositor confidence in the security of the financial sector and technology and electronic channels.
Al-Buainain, a member of the Saudi Economists Association, added that fraud had an “important and comprehensive impact” on the financial sector.
He said customer trust was the foundation for the banking sector. “Repeated fraud and account penetration, whatever their causes, may cause confidence to be shaken, which will negatively affect the sector's performance, profitability, and the volume of deposits too.”
Al-Buainain said that blaming customers for breaches may not give the full picture of the fraud process. The customers bore some responsibility, but the banking and telecommunication sectors were also responsible. They may be subject to compensation claims in the future if those affected succeed in proving the failure of both sides in providing the necessary protection for customer bank accounts and phones.
Lawyer Assem Al-Essa, who was formerly a consultant at SAMA’s Banking Dispute Settlement Committee, believed the Kingdom was being targeted by organized gangs due to the availability of funds, the spread of technology, weak bank protection measures, and the desire among many customers for a quick profit and their ability to profit from speculation and gambling.
He, too, urged those who had been exposed to fraud and financial hacking to contact their bank immediately, inform them of the incident, ask them to protect their funds, and stop transfers before any money left the Kingdom.
Al-Essa, who has worked in the banking sector for nearly 20 years, said there needed to be a guide about the steps a customer should take to retrieve his money and stop any fraud.
“I noticed that many specialists focus on the customer's responsibility and awareness and that it is the first line of defense, and despite the importance of that, I believe that the first line of defense is centered on the bank's responsibility toward its customer by achieving the bank's responsibilities.”
The bank must preserve clients' money so it did not leave accounts except with a client's signature. Otherwise, the bank was considered responsible.
“If the banks had fulfilled their duties toward their clients by stopping illegal transfers and seriously dealing with clients’ reports, it would have been possible to stop many frauds, and we would not need much of what was mentioned in the Central Bank circular.”
He recommended that banks receive customer reports of fraud, hacking, or unauthorized transfers, and deal with them seriously, including tracking them with the transferring bank, requesting their suspension, and taking all possible measures to protect clients.
