Tesco Bank had to temporarily suspend online banking operations for current account customers after thousands were affected by hacker fraud on the weekend of 5th November 2016. The bank has confirmed that small amounts of current accounts were subject to online criminal activity resulting in money being withdrawn fraudulently in some cases.
The bank has so far given no clear details of how the fraud was committed. Typically, cyber fraud is carried out by using various methods of stealing customer credentials or copying bank card details to make duplicate cards. This in turn enables cyber criminals to access online bank accounts to carry out fraudulent transactions.
The cyber criminals involved in the Tesco Bank attack may have found a way to create duplicate cards, given claims that in some cases card withdrawals have been made from other countries. The crafty part of the theft from Tesco Bank accounts was not the ‘hack’ but doing it over a weekend, when banks are typically understaffed and will respond much more slowly to issues.
It is only a slim possibility that the crime was a remote technical hack via a network intrusion. Far more likely is human error or weak process management control resulting in confidential information being leaked.
Tesco issued the following statement:
“We apologise for the worry and inconvenience that this has caused for customers, and can only stress that we are taking every step to protect our customers’ accounts,”
“While online transactions will not be available, current account customers will still be able to use their cards for cash withdrawals, chip and pin payments, and all existing bill payments and direct debits will continue as normal.”
“We continue to work with the authorities and regulators to address the fraud and will keep our customers informed through regular updates on our website, Twitter and direct communication,”
“We can reassure customers that any financial loss as a result of this activity will be resolved fully by Tesco Bank, and we are working to refund accounts that have been subject to fraud as soon as possible.”
The banking sector is one of the most highly targeted by cyber criminals. According to the consumer group, only 5 of 11 high street banks have adopted two-factor authentication methods to protect customers.
The banks “consistently scored poorly” in their security measures over the four years they had been monitored and had failed to invest in the proper security systems that would keep their customers safe from fraudsters, the report said.
How you can protect yourself
1. Verify any email or telephone call you get about fraudulent activity on your bank account. Do this by contacting your bank separately using a different web page, rather than clicking on links in emails, or by calling them from a different phone to the one you were contacted on.
2. Never share PIN or log-in details for your personal accounts.
3. Use complex passwords for online accounts, featuring upper and lower case letters, numbers and symbols.
4. Familiarise yourself with current fraud techniques and scams and how they work. Register with Action Fraud Alert for free to receive regular information about scams and frauds in your area:
http://www.actionfraud.police.uk/report_fraud
Most importantly, contact Consilium today about how Palo Alto Networks’ Traps & Firewalls can protect your organisation from cyberattack.