Who's afraid of the big bad cyber wolf?
RaboPlus Australia and New Zealand general manager Greg McAweeney says online security is an ongoing concern for consumers
As our lives become more wired and we conduct everything from banking to finding property on the internet, is online security a more critical issue?
A recent Unysis survey found that 8.9 million Australians reported concern about the misuse of personal information and 5.7 million people are also concerned about shopping or banking online.
Research shows we are conducting more of our banking transactions online, and this will only increase over the next decade as web-wise Gen X gets older and Boomers embrace the internet and social media.
The growth in popularity of Facebook is in the 35-49 age-group, while 50-64 year olds are also becoming social media junkies. Forrester Research reports that 75% of adults who go online will read blogs, join social networking sites such as Facebook, listen to podcasts and read reviews.
It’s pretty clear, there’s no retreat from the online world anytime soon.
In fact, more people are busy sharing all sorts of information with friends and people they’ve never met and never likely to in cyberspace. But despite this fact, the Unisys survey found that most of the 5.5 million Australian Facebook users were uncomfortable in revealing personal information.
The new ‘let it all hang out’ online-world creates a feast of juicy information for criminals to harvest and to steal identities. And there are many examples of this: from the fairly harmless, such as Britney Spears having her Twitter account hacked (do we really care?), to the story of Dimitri, who was featured on ABC’s Four Corners in August this year. Dimitri inadvertently clicked on a spoofed or phished email purporting to be from the Commonwealth Bank, which set off a chain of events starting with funds stolen from his bank account, then his mobile phone account hijacked and more misery followed.
If you’re unfortunate enough to be a victim of identity fraud, it can be a nightmare to sort out, and your credit rating is usually one of the first things to be hammered. Once they know your details, criminals are likely to try to take out loans or open credit accounts in your name.
Should banks be doing more?
Do financial institutions have a moral obligation as well as a legal obligation to keep your money and identity safe? A sensible person would agree with the view that they do.
But one of the main reasons we see so many phishing email attacks is because many banks still rely on basic user name and static passwords to regulate access to online bank accounts. Think about how easy it is to break static passwords.
A TNS survey, commissioned by RaboPlus, revealed that 78% of respondents want banks to upgrade their security beyond just the username and password. Not an unreasonable request when 59% of customers have only user name, password and customer number with possibly one additional security question required to conduct transactions online.
RaboPlus has made a conscious decision to implement far more robust security via a Digipass system and is always looking at ways to keep a step ahead.
And while some people in the industry might try to downplay the issue, 806,000 Australians or 5% of the population have fallen victim to phishing, credit card, ID thefts and online fraud attacks in 2007, costing $1 billion, reported by the Australian Bureau of Statistics.
Customers are also responsible
The more personal the information shared online by you and across various social media sites, the higher the risk of attracting fraudsters. And this is where you, the customer, has a role to play. A bank can only do so much. Customers also need to face up to their responsibilities.
If you need another reason to rethink what information you share online, think about the unfortunate Natasha Cann, whose Facebook account was hacked and then the criminals tried to scam her closest friends out of money.
There are risks to banking online and making people aware of the risks and how to protect themselves can only help to combat the fraudsters. On balance, the chances of falling victim to fraud are still very low, but you don’t want to be the one who loses money.
Online banking customers will always make that trade-off between high security and convenience; some people would rather go without devices like Digipasses in favour of passwords.
But as I’m fond of saying: if you became a victim of online banking fraud, the first question you’d probably ask your bank is, why wasn’t their online security better?
It’s a bit like closing the door after the horse has bolted, really.
