Sri Lanka warns of bank data theft from online ‘easy loan’ scams
ECONOMYNEXT – Sri Lanka’s central bank has said that online ‘easy loan’ scams are stealing confidential bank data from customers in the guise of giving loans and stealing bank deposits.
The regulator’s Payments and Settlements Department said in a statement customers are advised to immediately inform their bank or other financial institutions of suspicious activity in their accounts.
Customers should protect bank passwords and PINs or personal identification numbers and not reveal them to others, it said.
The public should get real-time notification services, such as SMS alerts from their banks or non-bank financial institutions such as finance companies, so that they would become aware of any fraudulent activity using their accounts, it said.
“The Central Bank has received information regarding several types of financial frauds and scams being operated through social media, and Internet-based applications. Recently, an increase of these types of scams has been observed,” the statement said.
The full statement follows:
Beware of online scams – Protect your bank passwords and PINs
The Central Bank of Sri Lanka has received information regarding several types of financial frauds and scams being operated through social media, and Internet-based applications. Recently, an increase of these types of scams has been observed.
Most of these scams are conducted through easy loan schemes that attract the public. During such fraudulent loan approval processes, the fraudsters lure the public to share confidential customer information such as their bank account numbers and the customer’s personal identification numbers. The fraudsters then use such confidential information to access customer accounts and steal customers’ money.
Confidential customer information includes savings and current account numbers, Internet or mobile banking or e-wallet account usernames/ID and passwords, Personal Identification Numbers (PINs) of cards or Internet banking facilities (number used to withdraw cash from ATM or access online banking), transaction verification information such as One-Time-Passwords (OTPs), transaction verification amounts, credit or debit card details such as card numbers, card expiry dates, security codes, Card Verification digits commonly found at the back of the card and referred to as CVV, CVC or CVS numbers, and any other information that could be used to access or verify bank accounts, payment cards, electronic wallets or any other account.
The public is reminded to obtain real-time notification services, such as SMS alerts from their Banks or non-bank financial institutions such as finance companies, so that they would become aware of any fraudulent activity that takes place using their accounts, instantly.
The Central Bank strongly advises the public to be vigilant about these frauds and scams and not to share any confidential information, especially account usernames, passwords, PINs, OTPs or other information required for account verification, with anyone. Such information must be used only by the customer who owns the account. Customers must also carefully read the terms and conditions of any financial product or service, before accepting them.
Further, if customers are requested by third parties, such as easy-loan schemes, to provide customers’ confidential information, which will grant access to the customer’s current or savings accounts or receive any suspicious SMS or email alerts or telephone calls regarding transactions that the customer did not initiate, they are advised to take immediate action and inform their relevant bank or other financial institutions of such suspicious activity.
(COLOMBO, 21 November 2019)