Benjamin Babine, Abuja
As the COVID-19 pandemic worries continue across the country, cybercriminals have taken advantage of the unusual times and have intensified their effort to defraud and deceive people because of the spike in internet usage.
There is increasing number of phishing attacks aimed at infecting systems or extracting sensitive information from Nigerians. Some of these attacks include campaigns that defraud citizens by offering essential products and services at suspicious prices.
There is therefore an urgent need for cybersecurity because the most parts of country is going digital with remote banking, financing, working and learning, as a result of the pandemic. Many digital and e-payment platforms have had an incredible increase in demand. Unfortunately, the unexpected spikes in transactions has overwhelmed the systems’ capacity and exposed it to risks.
In the last couple of weeks, home-bond internet users have complained of receiving several e-mails, sms, Whatsapp messages offering free services such as “Do-It-Yourself” Covid-19 tests; subscription to either Netflix, DSTV, Government Intervention/Grant of N30, 000) and other tricky offers.
Some of the fraudulent schemes are reported to have come in the form of links that offer free data or request for the Bank Verification Number, BVN, and account details of their victims, assuring that such victims will be credited with money, as part of the federal government’s palliatives to cushion the effects of the running Stay-at-Home order.
The Economic and Financial Crimes Commission, EFCC, responded to these issues by cautioning members of the public against emerging online fraudulent tactics, being explored by internet fraudsters and promising that actions are being taken to catch cybercriminals.
According to the EFCC, many of the fraudulent online messages require recipients to click and fill out an online survey and forward same to ten (10) Whatsapp users.
The Commission stated: “The messages are embedded with malwares and other malicious codes which when clicked, trigger a program that steals and compromises mails, banking logins passwords, credit- related information and other critical data contained on the recipient’s devices.
“Victims stand the risk of losing both confidential information and monies, since unauthorised access may have been granted to cybercriminals. They are also in danger of being infected with a ransomware which will automatically lock their electronics device.”
EFCC further advised the public to not open unsolicited e-mails but open only those that are from known and trusted sources; not click on any links or attachment with e-mails from unknown source; take closer look at URLs for spelling errors before clicking; visit the official websites of the organizations; turn on personal Firewall on your devices; cross-verify before making the payments and Install and update Anti-virus on devices.
The Commission stressed that citizens should not divulge to anyone via telephone or e-mail, any personal information such as Passwords, PIN numbers, ATM Cards numbers, etc.
Amidst the whole situation, the Minister of Communications and Digital Economy, Dr Isa Ali-Pantami, responding to the complaints disclosed that his cybersecurity teams have been intercepting many of these attacks. He assured Nigerians that hands are on deck to curb the operations of cybercriminals.
He said: “Our cybersecurity teams have intercepted following cases, amongst others: phishing attacks aimed at infecting systems or extracting sensitive information; campaigns that defraud citizens by offering essential products and services at suspicious prices; fake news and misinformation aimed at spreading panic, creating instability and promoting distrust; and Video-teleconferencing (VTC) hijacking also called Zoom-bombing.”
Also very recently, some unknown individuals claiming to be representatives of Zenith Bank Plc had been making phone calls to innocent
Nigerians asking for confirmation of their debit card details and ATM PIN to
enable them disburse a purported COVID-19 relief package from the Federal Government. The management of the bank openly disassociated themselves from every such acts and advised their customers to beware of such criminal activities.
The Information Systems Audit and Control Association (ISACA) also warned Nigerians, the government and companies to protect their systems from cyberattacks amid the COVID-19 crisis.
Ime Udoko, Director, Research and Marketing of ISACA, Abuja Chapter, said on Wednesday that there was increasing threats on computers and phones with the Remote Work Model (RWM).
He said: “The RWM model mandates organizations’ personnel to connect remotely and access business emails and applications using home devices. Most often, home devices are not protected by the corporate firewalls and anti-phishing security controls.
“Most times, connections are made using home routers which are ungoverned, browsers on many computers provided by companies hold sensitive information like User IDs and passwords.
“Already, attackers find these as easy targets to gain remote credentials and perform malicious logins to corporate networks. With the low level of security awareness, phishing campaigns through email makes employees at home a soft and easy target,” Udoko said.