Mobile Banking Users Beware: A Cautionary Tale
A Chief Clark at the Colombo Land Registry Ravi Chandralal (52 ) shared his bitter experience with Lanka News Line how he was scammed after his mobile phone had been hijacked.
Ravi Chandralal relied heavily on his Smartphone for convenience, including mobile banking to manage his finances.
One unsuspecting day, while scrolling through his social media feed during a break, Ravi Chandralal received a tempting offer for a discounted vacation package. Intrigued, he clicked on the link without a second thought, unaware of the danger lurking behind the enticing advertisement.
Ravi Chandralals actions triggered a chain of events that would turn his world upside down. The link he clicked on contained malicious software designed by hackers to hijack mobile devices. Within moments, Ravi’s phone fell under the control of unseen cybercriminals.
Hackers Take Over
As Ravi Chandralal resumed his work at the land registry, little did he know that his every move was being monitored by the hackers. With complete access to his mobile device, they swiftly targeted his bank and payment apps, exploiting his financial information for their illicit gains.
Weeks passed before Ravi realized something was amiss. Strange transactions began appearing in his bank statements, draining his hard-earned savings. Panic set in as he frantically tried to regain control of his compromised phone and secure his accounts.
Desperate for help, Ravi reached out to his bank, only to learn that he had fallen victim to a sophisticated cybercrime scheme sweeping across Sri Lanka. The authorities were notified, but the damage had already been done.
In the aftermath of the ordeal, Ravi learned a valuable lesson about the importance of vigilance in the digital age. The joint statement issued by Sri Lanka Banks Association, Lanka Pay, and FinCSIRT served as a stark reminder for him and others to exercise caution when navigating the online landscape.
JOINT STATEMENT BY SRI LANKA BANKS’ ASSOCIATION, LANKAPAY AND FINCSIRT
NOTICE TO THE GENERAL PUBLIC
We have been alerted regarding several incidents of financial fraud, both globally and in Sri Lanka, disguised as attractive online offers, leading to mobile device users inadvertently clicking on unknown links and downloading malicious apps and files. This action grants scammers complete access to the mobile device, enabling them to control it remotely.
Once the fraudsters take control of the mobile device, they have easy access to bank/payment apps that are installed on that device, leading to theft from bank accounts and payment cards accessed via the mobile device.
We wish to advise the general public to be more vigilant in order to avoid falling prey to such scams. These fraudsters use social media platforms, websites and online messaging platforms to carry out such fraudulent activities.
It is important to note that these reported fraud cases are due to fraudsters gaining control of your mobile device and not due to any security vulnerability of banking/payment apps, which are adhering to international security standards.
To prevent falling victim to such scams, we advise the public to exercise caution and follow these guidelines:
Beware of online advertisements offering unrealistic deals.
Avoid clicking on links and downloading apps or files from unknown sources.
Exit from unknown and unfamiliar groups on social media platforms or online messaging
platforms to which your are added without consent.
Avoid clicking on links shared via such groups.
Refrain from saving passwords on your device.
Download apps only from official app stores like the Apple App Store, Google Play Store etc
Use biometric authentication (e.g., fingerprint, facial recognition) to access bank/payment
apps where available.
Regularly review app permissions and remove any excessive permissions granted to
installed apps.
Install a reputable antivirus app from official app stores and keep it updated to detect and
remove viruses and malware.
Be cautious of messages prompting you to disclose personal or financial information by
clicking on links.
Immediately disable your mobile data/WiFi or switch to airplane mode if you notice
unusual behavior on your device.
Pay attention to security warnings issued by FinCSIRT, banks and financial institutions and
follow their recommended precautions.
Be aware. Don’t fall prey to financial scams.