Cybercrime in Banking Industry and Its Impacts on Banking Industry

Introduction

The evolution of technology has increased the dependency of humans on it in all spheres of life. In addition to the opportunities, benefits, accuracy provided by these inventions, it however increased the probability of getting trapped in cybercrimes. Undoubtedly, cybercrimes are frequent these days and financial sectors are majorly targeted by hackers or criminals. Most of the organizations rely on the digital networks for their business operations which increases the risk of becoming a victim of cybercrime. We can define Cybercrime as in illegal activity on internet through which hackers invade into financial or private accounts of users with wrong intention without their authorization. ‘Banks in order to enhance their customer base introduced many platforms through which transactions could be done without much effort’. Computers and network are used for cybercrimes which include credit card frauds, phishing, spams, blackmail, forgery and many other frauds.

In this research paper, I am going to discuss that why banks are targeting more by criminals than any other sources? How hackers can invade into accounts of users means what credentials are required to invade into user’s accounts? What they can get from this? Why banks are inefficient to properly prevent these crimes. What types of strategies they use to persuade users to give all their financial information? How they can be stopped and crimes can be eradicated?

It has been always seen that Cybercrimes are directly proportional to less security measures taken by people on their computers and revealing of their passwords, PINs, card number, SIN and CVV number of their credit and debit cards. Criminals are dependent upon these numbers to commit a crime. These numbers actually represent a customer’s authorization to operate an account. Without these it is difficult to penetrate the security.

The significance of this study is make aware the users of online banking and make them some recommendations to improve the security on their electronic systems. Through the research, we get to know about how it can be minimized or eradicated. We will come to know about to which level, criminals can go to commit crimes. In which ways, criminals can approach you or persuade you to access your confidential information. What are the adverse effects of cybercrimes? What are the security measures that we need to adopt to prevent these crimes? The purpose of this research paper is to make people understand the seriousness of these cybercrimes.

Literature Review

Cybercrime is illegal activity which is carried out through computers and information technology without the authorization of user. Literatures on Cybercrimes seem to suggest that cybercrime is on upward trend in all over the world. In the banking sector, the crimes which are committed using online technologies to illegally remove or transfer money to different accounts are tagged as banking frauds. There are many categories of Cybercrimes i.e. cyber-deceptions, cyber-pornography, cyber-violence and cyber-trespass. The bank frauds comes under cyber-deception .Undoubtedly, there is not even a single day goes without an organization suffering from breaching security. It is difficult to assess the impact of cybercrimes, and both financial and intangible losses are acknowledged.

According to PwC’s Global Economic Crime Survey 2016, revealed that cybercrime is the second most reported crime globally and 54% organizations are the victims of cybercrime in the last two years. There are some organizations which are more on the top list of hackers. Without any doubts, we all know that these are banks, because Cyber criminals go where the money is.

According to a financial website of the UK, Cyber-Criminals hack the system of Tesco Bank and stole 2.5 million pounds from the current account of 9,000 customers. The Financial Fraud Action UK reported that online fraud losses reached 40 million pounds and has increased up to 12% as compared to 2011. There are different ways in which criminals can do this cyber offense which are explained below.

Cybercrimes can be done in two ways. First is Direct and another one is indirect. Direct fraud includes credit and debit card frauds, money laundering and internet banking fraud. Indirect fraud includes phishing, pharming, hacking, virus, spam and malware. Lottery scams, romance scams, charity, pyramid schemes and advance fee frauds are also frequently used. According to York (2010) residents of Sanford, received phone calls that claimed calling from Sanford institute of Savings (SIS), informing them that their accounts had been frozen or inactive and they have to give their full details of accounts in order to maintain their accounts. Actually they were cybercriminals looking for people into giving their financial details.

These frauds happen due to lack of awareness and knowledge among people. Sometimes hackers call you, ask for your PIN, security code and claim that they are calling from banking security team. So, if the person has lack of knowledge, then one can trap in their scam because bank never ask for customer’s confidential information. Financial Fraud action UK says that British loses from internet and telephone banking fraud about 35.9 million pounds in the six months if the year 2014 (Arnold, 2014).

On 15 August, 2012, in Saudi Aramco, computer networks are struck with self-replicating virus that infected 30,000 window based machines. It takes two weeks to recover the damage and affecting Saudi Arabia’s national oil and gas firm. This virus attacked the business processes of the company and some drilling and production data were lost (Bronk & Tikk-Ringas, 2013).

Banks say that there are continuously making efforts to combating cybercrimes. The Bank of England and US Federal Reserve have pushing banks to identify threats with different programs. This bank is expecting to spend $250 million on cyber security and trained 1000 specialist staff to work in this area (Arnold, 2014).

In Nigeria, Banks have audit committees in cyber security. The main issue for audit committee is technology concern (Ojeka, Ben-Caleb, & Ekpe 2017). It is the duty of audit committee to collaborate with management to increase efforts about threat awareness, timely discovery of incidents, risk assessments, and coordination with regulators that how cyber security risks are being identified and managed (Ojeka et al., 2017). It is also the role of audit committee to oversee accountability of management to the overall process of risk management. It requires the audit committee to have accounting knowledge to understand the financial implications in depth (Ojeka et al., 2017). Financial literacy can reduce the crimes.

The literature review indicates that several researchers have investigated cybercrime by considering several factors, but in my opinion in order to understand the fraud system in banking industries, we have to understand attackers and defenders. These frauds happen because hackers want to make rich in one night or without any efforts. The other reason is hackers want to use these money for antisocial and terrorist activities. Banks are required to put their regular efforts to combat these crimes as done by Nigerian banks. It helps the Banking industry make aware of the prevailing threats, to make their technical facilities better.

Methodology

To study the impact of cybercrime, I used two methods to identify how much strong the system of cyber attackers are.

I used qualitative analysis as well as content analysis. In qualitative analysis, I interviewed 200 people from different countries including India, Canada, Zimbabwe, Ecuador, Pakistan and Nepal. I asked them about their awareness about the cyber threats in banking industry. I found that some of them are less aware about these crimes, some are victims and some are aware and conscious about these threats.

The most common fraud that I found these days in Canada is Vishing. Vishing is an offence that can commit through voice calls. In vishing, criminals, pretend to be calling from an official source of their country and threatens the consumers in order to gaining access to their personal information. Most vishing attempts try to convince victims to give up their PIN, Card number, SIN number, banking accounts passwords and their personal details.

 Method Used Type of Fraud Age Place About

1. INTERVIEW VISHING 18-30 CANADA • Crime through voice calls
   • Asked for confidential information
   • Threatens customers
   • Claimed calling from a government body
2. INTERVIEW PHISING 18-50 INDIA, CANADA • Misleading and deceptive emails
   • Trap through false email links
   • Asked for confidential information
   • Claimed that user has won a lottery.
3. INTERVIEW MALWARE 18-45 NEPAL, INDIA • Any corrupted file downloaded and data hacked
4. INTERVIEW HACKING 18-40 ZIMBABWE, INDIA, NEPAL • Illegal intrusion into a computer system without authorization

Content Analysis

Consumer loss through cybercrime worldwide in 2017, by victim country (in billion U.S dollars). From the above figure, we can easily measure that cybercrimes affected major world in 2017. China has experienced a loss of 66.3 billion dollars in 2017 which is the highest. Globally, the average cybercrime victim lost 142 U.S dollars (The Statistics Portal, 2017).

In the Analysis, I find out that cybercrime is a big concern all over the world. All types of crimes like ATM crimes, phishing, Vishing, hacking is prevalent in all countries. Banks can prevent these crimes to some extent, but only they can prevent it completely, because they cannot stop users to use their online banking and cannot check their computers whether they are free from malware or not. Banks frauds also shows that customers engage in internet banking are not alert and not have sufficient knowledge on cyber threats. It is bank’s responsibility to aware and educate consumers time to time about the prevailing threats in market. Recurrence of these incidents will affect the economy. Negligence by customers and IT sector is the another reason for cybercrime. Other institutions can also do a favor. They can make people aware of the prevailing scams, for example, government organizations, schools and colleges.

Conclusion

This paper gives a brief overview of cybercrime in banking industry and its impacts on banking industry globally. It is a great concern at this moment. The main frauds are credit card frauds and vishing. Presently the measures taken by banks according to me are not sufficient. The rapid growth of technology requires bank to review their policies and make their system stronger. Banks can aware customers through their websites about banking frauds and what measures should be taken to prevent these crimes. Banks should have audit committee to supervise the fraudulent actions in banks. Banks should be taken sufficient measures to combat these crimes and hire employees with strong IT background with proper training and knowledge. Banks should work in cooperation with other banks across the world to prevent cybercrimes.