POS Operators Warn Cyber Criminals
George Tseen
Cyber crimes are becoming more commonplace, more dangerous, and more sophisticated. Our nation’s critical infrastructure, including both private and public sector networks, are targeted by adversaries. Companies across the globe are targeted for trade secrets and other sensitive corporate data and universities for their cutting-edge research and development. Citizens are targeted by fraudsters and identity thieves, and children are targeted by online predators. Who is behind such criminal acts? It runs the gamut; from computer geeks looking for bragging rights, to businesses trying to gain an upper hand in the marketplace by hacking competitor websites, from rings of criminals wanting to steal personal information and sell it on black markets or swindle unsuspecting victims, to spies and terrorists looking to rob our nation of vital information or launch cyber strikes.
Cybercriminals often carry out their activities using malware and other types of software. But social engineering is often an important component for executing most types of cybercrime. Phishing emails are another important component to many types of cybercrime but especially so for targeted attacks, like business email compromise (BEC), in which the attacker attempts to impersonate, via email, a business owner in order to convince employees to pay out bogus invoices. Cyber extortion involving an attack or threat of an attack coupled with a demand for money to stop the attack, Cryptojacking using scripts to mine cryptocurrencies within browsers without the user’s consent. Cryptojacking attacks may involve loading cryptocurrency mining software to the victim’s system, Identity theft that occurs when an individual accesses a computer to glean a user’s personal information, which they then use to steal that person’s identity or access their valuable accounts, such as banking and credit cards., Credit card fraud; when hackers infiltrate retailers’ systems to get the credit card and/or banking information of their customers.
Cyberespionage which is a crime involving a cybercriminal who hacks into systems or networks to gain access to confidential information held by a government or other organization. Attacks may be motivated by profit or by ideology. Cyberespionage activities can include every type of cyberattack to gather, modify or destroy data, as well as using network-connected devices, like webcams or closed-circuit TV (CCTV) cameras, to spy on a targeted individual or groups and monitoring communications, including emails, text messages and instant messages, Software piracy involving the unlawful copying, distribution and use of software programs with the intention of commercial or personal use. Trademark violations, copyright infringements and patent violations are often associated with this type of cybercrime.
With Nigeria venturing into a cashless society, the threat of cybercrime becomes all the more relevant. There needs to be integrated efforts between individuals, businesses, the Nigerian government and the international community. Reforms such as increasing awareness on the mode of operations of cyber criminals, improved personal security, establishment of anti-scam centers etc are vital in minimizing cybercrimes. In an effort to combat cybercrimes in Nigeria, the Central Bank of Nigeria introduced a risk-based cyber security framework and guidelines for deposit money banks and payment service providers. This framework lays out proactive steps to secure critical information assets including customer information that is accessible via the internet.
This informed the decision of the Association of Mobile Money Operators of Nigeria (AMMON) Benue Branch, in collaboration with the Economic and Financial Crime Commission (EFCC), Makurdi Zonal Office, the Nigerian Police (NP), Benue State Police Command to carry out public awareness on how citizens can safeguard their money against the activities of fraudsters who have seen COVID –19 as safe haven for extorting and defrauding members of the public, either by stealing or swapping Automated Teller Machine Card (ATM) and approaching Point of Sale (POS) for the purpose of stealing from unsuspecting members of the public.
Chairman of the association, Orafa Shedrack Terngu said the awareness has become necessary so as to protect and reposition AMMON members and guide them against being conspirators to cybercrime in the State and Nigeria at large. Orafa stated further that as way of safeguarding the operations of his members, it has now become a matter of operational policy and guideline that any person approaching any POS point for any transaction must deposit his or identity card with verifiable address for proper identification in case of any eventuality. More so, as an association they will continue to train and retrain their members on the provisions of the law as well as the regulations guiding the business and that members will also be encouraged to train and retain their respective staff.
On her part the Head of Advanced Fee Fraud (AFF), EFCC Makurdi Zonal Office, Stephanie Philips called attention to Money Laundry Act and the Cybercrime Act of 2015 which has made provisions for due diligence. She said it has become necessary that all POS operators and other Financial Institutions follow the guideline of Know Your Customer (KYC), as well exhibit due diligence before transaction because ignorance of the law is not an excuse. She stated further that POS operators are not immune from the statutory regulations and must also follow them strictly to avoid their business premises being used as a conduit pipe to smoke out funds from victims.
The Benue State Police Command through its PPRO, Anene Sewuese said the major problem with POS operators is the ignorance of the law, as most of them when arrested for conspiracy in fraud hold on to ignorance of the law. She said the force under the leadership of the current Commissioner of Police Mohammed Mukaddas is deepening awareness on how the POS operators can mitigate risk. The Police enjoined anybody that wants to go into cyber business to under study the law.
The common practice of this criminals include calling victims to send their bank details for palliatives, jobs, interviews, upgrade their bank details, join lucrative businesses, invest in interest yielding businesses and many more.
Members of the public are therefore warned to be security conscious and not to disclose their personal bank details to unofficial or unverified sources and where they feel suspicious should report to the respective agencies for investigation.
POS Operators should know that the Law against Cybercrime in Nigeria provides that anyone who steals through ATM commits an offence and shall be liable to conviction of not more than 7 years. POS operators have a duty to verify the identity of the person approaching them with an ATM card and other means of withdrawing on depositing monies through their respective channels.
In the same way, it has become pertinent for the Federal Government to harmonized the data base of Nigeria from Independent National Electoral Commission (INEC), National Identity Management Commission, Commercial Banks as well as Central Bank of Nigeria into one database to ease identity verification.
