SA banks must exercise extreme caution in current phishing environment

Print
Thursday, 09 February 2012 13:45

SYNAQJohannesburg-based Software as a Service (SaaS) specialist SYNAQ’s says its latest South African phishing statistics clearly indicate that local banks have no option but to exercise extreme caution when it comes to permitting their Internet banking clients to pass on their banking details to third parties.

 

This follows a controversial decision by Absa to block US technology company, Yodlee, from accessing its client’s Internet banking accounts on behalf of new financial management enterprise, 22seven.

According to SYNAQ managing director Yossi Hasson, SYNAQ’s anti-phishing database solution, Phishmonger, identified and blocked 23 668 phishing attacks directed at customers of South Africa’s four major banks in January 2012 alone.

Launched in September last year, Phishmonger proactively identifies and blocks most types of phishing attempts that use the names of South African banks, insurance companies and medical aids to entice or threaten individuals into disclosing personal information which can then be used to access their accounts.

“Our January statistics clearly indicate phishing syndicates currently target Absa more than any other South African bank. We identified no fewer than 15 676 attacks on Absa clients last month. In addition we identified an astounding 159 unique – and fraudulent - Absa URLs from which phishing attacks were launched. This compares to 54 unique (fraudulent) Nedbank URLs, a further 13 for Standard Bank and 27 for FNB,” Hasson added.

Hasson explained that having a third party system that requires people to disclose their confidential banking information will open yet another (lucrative) hole for phishers to exploit.

“For example, should 22seven become popular, there is no doubt that phishers will starting sending emails to online banking users purporting to come from 22seven and requesting them to update their banking details on a fraudulent Yodlee site.

“This will spell even more trouble for local banks. With South Africa amongst the most targeted countries in the world for phishing attacks, they have little option but to exercise extreme caution.

“While SYNAQ is in favour of new, innovative start-ups being embraced in this country – after all SYNAQ too was a start-up not all that long ago – we’re also paranoid about Internet security and very aware of the very real threat that the banks are dealing with,” Hasson concluded.

About SYNAQ

SYNAQ is a pioneering technology company that leverages off the power of open source software and the cloud to deliver innovative email management services to the corporate market. Established in 2004 and processing over 500 million emails a month, SYNAQ is the leader in open source cloud email management services. SYNAQ is a Dimension Data company.