x Abu Dhabi, UAESunday 23 July 2017

It's time for cyber security to catch up to cybercrime

On the Money: Banks need to do more to protect us and our money from the evolving world of cybercrime. But we are also responsible for protecting ourselves.

Let's get the bad news out of the way first.

Did you know that two thirds, or 65 per cent, of adults worldwide who use the internet have been a victim of cybercrime?

And did you know that the global cost of cybercrime last year came to US$114 billion (Dh418.7bn)? Add in actual financial losses and time lost and that tally comes to a staggering $388bn, according to the Norton Cybercrime Report 2011, which is published by Symantec, the US-based security software maker.

Cybercrime is a broad term for a host of illegal online activities, such as letting loose computer viruses or malware via e-mail, online scams, phishing (the setting up of a bogus website, mainly that of banks, that looks like the real one to lure users into revealing their passwords) and hacking.

Of all the cybercrimes experienced globally last year, the Norton report says computer viruses made up 51 per cent, online scams (think those e-mails you receive from those fraudsters in Lagos, Nigeria) accounted for 10 per cent, phishing 9 per cent, social network profile hacking 7 per cent and online credit-card fraud 7 per cent.

If you weren't the victim of a cybercrime last year, then you certainly know of somebody who was, or, at the very least, know a friend of a friend who was hit.

In the January 7 issue of Personal Finance, our cover story by Tony Glover (no relation) looked at the sheer scale of cyber fraud around the world and how it could trigger another global recession.

Glover wrote that billions of dollars were being routinely pilfered from banks online. However, he said that even more alarming was the fact that banks were more concerned about keeping their customers in the dark when it came to the losses.

"The banks will not admit to the size of the problem for fear of damaging their reputation and there are, therefore, no accurate figures available," Glover quoted a source from KCS Group, an international security firm, as saying.

"But there is hard evidence that the problem is far worse than has so far been reported and is now affecting banks across the globe with potentially crippling consequences."

The UAE is not immune to internet banking fraud or even the skimming of cards at ATMs. On December 30, The National reported that the US Embassy in Abu Dhabi had warned its citizens that debit cards were being skimmed at cash machines in Khalidiyah Mall and Spinneys supermarket.

And do you remember the stampede back in September 2008, when many of the UAE's biggest banks sent text messages to hundreds of thousands of customers warning them to change their PIN numbers immediately after a breach of the network that allows banks to share customer debit-card information?

"At least some, if not all, UAE bank accounts may have been vulnerable to fraudulent withdrawals or charges," The National quoted officials as saying in a report on September 10, 2008.

Which brings us to what the banks are doing to protect their customers from losing their life savings to hackers, skimmers and phishers. On their websites, banks warn customers not to give out their personal banking information to anybody, chip and PIN cards are finally being introduced to the market and HSBC Middle East is about to launch a device that generates random numbers as part of the log in process for its online banking service.

And about time, too, I say. It's incredible that the UAE chapter of the "world's local bank" is so far behind its brothers and sisters in other parts of the world. Then again, the device has only recently been introduced to HSBC customers in the UK, another country that is sadly lacking when it comes to 21st-century banking.

I've been using the same security device for the past 10 years for my HSBC accounts in Hong Kong. I have another security device for my accounts in Australia, which I've been using for the past couple of years.

Now here's the good news. They go a long way in protecting my money, especially now that many of us do our banking from the comfort of our homes via the internet. But HSBC customers in the UK have been complaining that they are inconvenient, make the process of logging into their online accounts too long, while some of the devices don't work properly, which could be put down to teething problems.

There's no pleasing everybody, of course, but I've never had a problem with my security devices. They are easy to use and give me great peace of mind when it comes to the protection of my finances.

And I don't care if it takes a few more minutes to log into my account online just because I have to press a button on the security device to generate a random number.

Let's put it in perspective: it's not like I'm standing in a queue that takes an hour or more just to reach a teller in a bank, who invariably sends you to another frustratingly long line because they don't do the service you need.

Banks need to do more to protect us and our money from the evolving world of cybercrime. But we are also responsible for protecting ourselves. And that means not living in ignorance - or believing that we will never be a victim of this insidious, 21st-century crime wave.

fglover@thenational.ae