Exposed: How Nigerian Banks Use e-Banking to Defraud Customers
It has been exposed how commercial banks in Nigeria make use of e-banking to defraud their customers. FrontiersNews investigation has unearth a major channel been used by banks to milk their customers.
Our investigation revealed that Diamond Bank Plc is the major culprit in this business as they have perfected ways of defrauding their customers their hand earned monies.
A FrontiersNews investigation revealed that the scam site (called phishing site in the IT world) is hosted on the bank’s main site and many unsuspecting customers who cannot easily spot the difference may have being a prey to the scammers.
According to our investigations, several banks such as First Bank Plc, Access Bank and Guaranty Trust Bank are also involved.
And thousands of unsuspecting banks customers have received emails from the phoney site asking them for their bank details.
A FrontiersNews investigation showed that the scammers target a particular class of account holders so that when monies are withdrawn from such account they would not be easily noticed.
One of the letters showed that the fraudsters used ‘Phishing’ which is an attempt to acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication which includes social websites, auction sites, online payment platforms (eBay, PayPal) or banks are commonly used to lure unsuspecting public.
‘Phishing’ is typically carried out by email spoofing or instant messaging and it often directs users to enter details at a fake website that look identical to the legitimate one.
We learnt that the scam mails and phishing site have links in the scam mails leading its victims to the phishing site with URL https://diamondonline.diamondbank.com a third level sub domain created on the http://diamondbank.com domain.
When contacted, Head, Corporate Communications Department, Diamond Bank, Mrs. Ayona Aguele-Trimnell told FrontiersNews that it was not possible that the bank as a responsible corporate organisation to be involved in such a dubious act stressing that the bank would not set up a phoney site to defraud its customers.
According to her, the situation is not unique to Diamond Bank alone as “fraudsters from abroad have always tried to hack into the websites of Nigerian Banks”.
Indeed, we will take action to remedy the situation,” she added.
However, when contacted an ICT consultant Mr. Femi Olarinoye faulted the explanation given by the Diamond Bank spokesperson saying she was not speaking from the point of knowledge.
“No Bank website should be hacked without their knowledge. It’s a failure of their ICT department. It is gross irresponsibility on their part”.
Mr. Olarinoye explained that the bank should be able to put feedback mechanism in place that would alert them of any person trying to hack into their site.
“The bank should have an intrusion prevention system and an intrusion detection system in place to alert them of any such hacking,” he explained.