Friday, January 24, 2025

Rising threats from digital scams

photo by anteneh aklilu

In an exclusive interview with Capital’s Groum Abate, Jonathan Somers, the Middle East and Africa Sales Director for NetGuardians, discussed the alarming rise of digital scams in Ethiopia’s banking sector. As the country undergoes significant transformations in digital banking and financial products, Somers emphasized that these changes have also led to an increase in sophisticated scams that exploit vulnerable customers.

Somers explained that many of the scams currently affecting Ethiopian banks involve social engineering tactics, particularly phishing. He elaborated on how fraudsters use text messages and phone calls to impersonate bank support staff, tricking victims into providing sensitive information or transferring money unknowingly. The interview highlights the urgent need for enhanced security measures as the banking landscape evolves.

With the rapid growth of e-commerce in Ethiopia, Somers noted that scammers are also taking advantage of online shopping platforms to defraud customers by offering non-existent products. He pointed out that while romance scams are not prevalent in Ethiopia, there have been cases where bank employees have been involved in fraudulent activities related to personal relationships.

The discussion further digs into the role of artificial intelligence and machine learning in improving fraud detection and prevention within banks. Somers advocated for the adoption of advanced technologies to identify unusual transaction patterns and reduce false alerts, ultimately enhancing customer security.

This insightful conversation underscores the pressing challenges facing Ethiopia’s banking sector as it navigates the complexities of digital transformation while combating an increasing wave of cybercrime. Excerpts;

Capital: How do you see the trend of scams in Ethiopia?

Jonathan Somers: Ethiopia banking sector is currently undergoing a lot of transformation especially on digital banking and products.

With these accelerated transformations there is a rise in digital scams, most of the scam’s trends we are seeing entails use of social engineering.

      Capital: Could you elaborate on how phishing scams work and their impact on banking security?

Jonathan Somers: Phishing mostly used in Ethiopia entails use of text messages and phone calls and bank short codes mostly known as USSD. Case scenario of how phishing is used to perpetrate scams is where fraudster pose as bank customer care/support staff thereafter giving the victim some Bank Short codes/USSD codes to dial which leads to customer sending money to fraudster unknowingly.

The riskiest Phishing is where the victim is tricked into divulging some personally identifiable information that leads to their Sim card being swapped and the fraudsters take-overs their mobile phone + Mobile banking access which leads to customers bank accounts being drained without being aware.

Additionally, with the rise of ecommerce market customer are using phishing to offer bank customers online “purchase deals” only for the goods not to be delivered after the customer has made payments through mobile /digital banking.

       Capital: How do romance scams typically operate, and what makes them particularly effective?

Jonathan Somers: Romance scams is not really something common and is rarely used to perpetrate fraud. We however have seen isolated cases of Bank employees or staff are dropped into romance related fraud i.e., bank staff taking loans or bank money only for their lovers not pay back on due time leading to loan default.

We have cases of however of someone close such as spouse, friends and family knowing some banking credentials taking a victim and transferring money to themselves without the victim knowing since all notification messages are deleted.

       Capital: What role does social engineering play in business email compromise (BEC) fraud?

Jonathan Somers: Business Email Compromise entails is basically a form social engineering where the fraudster pretends to be someone within the organization or very well known to the organization

       Capital: How can AI and machine learning improve fraud detection and prevention in banking?

Jonathan Somers: Use of AI and Machine Learning improves fraud detection by reduce false alarms false positives, this is because it understands customer behavior and past historical transactions. Most of phishing scams entails money moving to unknown beneficiaries both the customer and to the bank. With the use of AI and Machine Learning such transactions can easily be identified as they are outliers.

With AI and Machine learning can identify account taker especially when coupled with fraud activities.

Capital: What are some of the limitations of traditional fraud detection methods?

Jonathan Somers: Traditional fraud detection relied solely on pattern-based detection methods normally called rules this leads to a lot of false alerts being generated hence not efficient for the monitoring teams. Additionally genuine/legitimate transaction being stopped leading to customer complains.

Also to catch new fraud pattern requires new rules not part of the initial rules need to be configured hence not efficient.

With AI however this is not case the since the fraud detection is based on what we know best about the customer their past historical transaction so any behavior out of the norm which includes fraudulent transactions are easily identified/flagged.

       Capital: How do you think economic conditions will influence fraud rates in 2024 and beyond?

Jonathan Somers: Changes in Economic conditions has always had a direct relation with fraud trends with better economic conditions the fraud trends to decrease however with worsening of economic conditions the fraud trends tend rise. In some of the countries worsening economic conditions has seen rise in in both digital frauds and even elements of organized bank fraud heist where Bank Employees are roped in to perpetrate such fraudulent grand schemes which entail compromising of bank systems.

        Capital: Can you share an experience where you successfully identified or mitigated a fraud risk?

Jonathan Somers: Some of the frauds recently caught and stopped in the recent past includes the following:

  • Scams social engineering such as fraudster posing as Bank employees somebody given USSD codes that send money to someone.
  • Digital Fraud with internal fraud elements where Bank employee changes customer KYC details for the account registered for Mobile Money then funds Withdrawn with newly registered fraudulent phone number.
  • we have had cases also of employees on some of the branches targeting special status accounts such as dormant / elderly accounts / customers who are out of country. This is majorly because the owners rarely use the accounts and no notifications for transactions undertaken.
  • For innovative new products likes digital wallets fraudsters have been identifying gaps products features like commission structures / levies / charges to profit on them at the expense of the bank.
  • Banks non standardized data capture where the provided email on customer account is staff email / phone this normally is later abused for fraud by the concerned staff.

       Capital: What advice would you give to financial institutions in Ethiopia to better prepare for the evolving fraud landscape?

Jonathan Somers: We would advise banks in Ethiopia to implement a comprehensive fraud solution that protects them and their customers from current and future frauds, using Artificial Intelligence and Machine Learning ensure the protection is real-time and does not impact the customer experience. Banks need to ensure clear accountability for fraud prevention within their management team, to ensure adequate attention is placed on implementing the necessary measures to detect and prevent frauds.

Capital: The report indicates that fraud costs corporations up to 5% of their revenue annually. How can companies better manage this financial risk?

Jonathan Somers: The ROI on high-quality fraud management systems such as NetGuardians is usually over 200%, so banks should invest in the latest technology to ensure their losses are minimized

Related Stories