The operation most used by cybercriminals is to steal the identity and passwords of bank customers to enter their accounts, ask for credits, withdraw money and disappear. The victim is thus left with his bank balance at zero and a debt to be canceled with the entity.
Virtual assailants have two ways to get hold of victims’ data:
Deceptions through conversations: in social networks, emails or telephones, what is known as “social engineering”
Phishing: emails or messages on networks that pretend to be authentic
Consequently, customers must be attentive, not give information before certifying the identity of their interlocutor and strengthen their access codes.
“The first thing I try to convey to people is that they have to understand that you have to take care of your identity. It’s an asset: you have to understand how important it is to take care of it,” Rodrigo López Guerra, CTO of Ixpandit Fintech Factory, told iProUP. To this end, the executive stresses that “the industry must mobilize in new vectors of safety certification”.
“New measures could be implemented, such as an electronic DNI that helps identify as a third vector: you must have the key, the token and the DNI with the person’s chip. Or some hard data to get,” says López Guerra.
He adds: “For example, if the DNI processing number were requested to validate the identity, it is a difficult piece of information to steal if you do not have the document. It may be that tomorrow will not be a vector of defense, but today it is, because very few people have access to that data,” he adds.
See full note here