Somebody said, criminals often play on our intelligence. But no, a little APPLIED intelligence should prevent most crimes.
I just got wind of this experience narrated by a friend of a friend. I felt it would do us all a world of good to peruse and learn from. It has been edited for pertinence and clarity. Some peoples’ reactions were also interspersed, to serve as a lesson.
I just fell victim of fraudsters a few hours ago. I am an account holder with a bank, I am trying to accumulate funds to pay for my daughter’s tuition fee in school. Yesterday afternoon, I got a call from somebody purportedly from ABC Bank (my regular bank) who said “Am I speaking with Dr. XYZ” (called out my other names) to which I answered in the affirmative. He said he called in respect of my BVN (Bank Verification Number) which I was observed not to have done, I replied that I already had it done on another bank and he said the bank will send me a link so that my account with this my regular bank will be linked with the BVN. True to our conversation, I receive a message from my regular bank. An OTP (One- time password) was sent to my phone. A few minutes later, he called to ask if I got the the SMS, I told him yes but I can’t do anything about it cos I was driving. He said no problem I should call out the numbers which I did and he thanked me for my cooperation in a customer service manner.
I heard nothing since then till this afternoon at precisely 13:00 hrs when I received a SMS from my regular bank informing me of a debit transaction which cleared my account to the lowest thousand, i.e. I was left with a paltry N685 (six hundred and eighty five naira). I called my account officer who confirmed to me that I have fallen victim of fraudsters and he checked up on my account and saw that the recipient account is in another alien bank.
My puzzle is how did they get my account details? How were they able to generate an OTP to my phone. I am waiting to see what my bank would do on it. In the mean time, please be aware of what the 419 people can do
The specific area that struck me was:
He said no problem I should call out the BVN numbers which I did and he thanked me for my cooperation in a customer service manner
The question is, If the One-Time Password (OTP) was generated by his regular bank, why would anybody (purporting to be a CRO in that bank) ask him to dictate it over a phone line? More importantly, how come an educated man would dictate a password to a faceless voice over a phone line?
A would be fraudster who has your full names, with the intent of defrauding, would probably have your full account number too. A one-time password is system generated so that no one but the recipient sees it. Dictating that over a phone line is the misstep here.
Knowing how human nature works, a person might not always have the full presence of mind, and could easily fall victim. It is why banks always advise we don’t give out banking information over the phone line, or via email, no matter how authentic / genuine the request seems.
In advanced climes, the bank will probably replace the money. The insurance should pay back the bank and the police apprehend the criminals. The insurance takes premiums for all risks, and the banks are mandated to insure the customer funds.
On second thoughts, insurance probably won’t pay. If this man gave out his password the way he did, the insurance may not cover that particular action because once you release your password it is like a tenant handing over the keys to the front door of your house to any individual and blaming the landlord for losses.
Not so sure what would happen in Nigeria. The Nigerian banking / insurance system is probably yet to mature to the level of mitigating this kind of loss. You are probably on your own (OYO.)
Warning customers or conducting persistent customer education is an aspect of preventing or reducing this kind of situation. The larger part is the system. Now you blame a customer for a fall, how about hacking and identity theft? We could channel all energies to a better system and stop agreeing with our governments when they blame flooding on pure-water sachets. (If there are bins everywhere, would anybody throw things in the drains?).
Human beings are fallible all over the world. Systems can always improve if worked on, but humans would always be humans. Systems can’t mitigate the human element entirely. The human is the Achilles heel of any system. How do you stop a human from disclosing his password over a public phone line, or writing down his ATM pin on his car dashboard? It would happen every now and then, and these criminals know this.
Personal eternal vigilance is key.
The difference achieved through sustained effort by other societies gives us hope that Nigeria would eventually get to a higher level of customer awareness, customer protection, via improved systems and unending education. Humans need to be protected from themselves, and the more full-proof a system, the better for the individuals.
In “businesses” of trust like religion, banking and medical circles, people’s guards are often down.We see a message from a bank, and we are usually not operating on our highest frequency. A medical doctor or Pastor can be a deadly crook after all they are humans first of all, like the rest of humanity, susceptible to the same human weaknesses.
Eternal vigilance, folks.