fbpx

THE DANGER OF GIVING OUT BANK DETAILS ON SOCIAL MEDIA PLATFORMS FOR GIVEAWAY OFFERS

As the age of technology continues to evolve, human civilisation and knowledge are at the intersection between information and ignorance.

Must Read

Destiny Young
Destiny Younghttp://linktr.ee/youngdestinya
Destiny Young is a highly credentialed information technology professional with over 14 years of industry experience. An HND/BSc (Hons) in Computer Science graduate. He holds a Master of Technology degree in Information Technology from the prestigious University of South Africa (UNISA). He is a Distinction-grade MBA alumnus of Nexford University, Washington, DC, where he also obtained a First-class MSc degree in Digital Transformation. His professional development direction is in Cybersecurity, Digital Transformation, and Business Intelligence. He is a member of the British Computer Society (BCS), the Chartered Institute of Administration of Nigeria (CIA), the Nigeria Computer Society (NCS), etc.

BY: DESTINY YOUNG

The other day, I read a post on a friend’s Facebook timeline wherein he announced that he feels obligated to help some friends and followers who you feel may have urgent financial constraint and needed help. In his well-intentioned opinion, he decided to request that they his friends and followers pray and drop their Bank account details in the COMMENT SECTION of that post. Quite commendable and very thoughtful of him.

While I appreciate such gestures and wish I could myself do more like that to help humanity, I am a little bothered, if I do not enlighten the public on the ill consequence of such offers.

As the age of technology continues to evolve, human civilisation and knowledge are at the intersection between information and ignorance.

I may not know how my friend’s followers whom he wants to help will feel about my observation, but I am ethical bound as part of my responsibility as a Cybersecurity professional to create awareness where possible on the safe use of internet and also as part of my commitment towards ensuing safe internet community.

It is not ideal for a few friends to benefit from that gesture, while a larger percentage of other social media become victims in their hands of fraudsters who compromise their data privacy.

The fundamental principle of Information Security Management System (ISM) is to promote #CIA – Confidentiality, Integrity, and Availability of personal data.

Confidentiality ensures that the privacy of personal data is maintained, and that the data can only be accessed by the owner or an authorised entity. In this case, no one is supposed to know the mobile number or Date of Birthday attached to my bank.

Integrity guarantees that the personal data remains personal to the owner and that at no point should the account be accessed in any form by any other person without the authorisation of the owner. In this case, the amount in my account should remained in the exact same value I know and should not be tampered with without my approval.

Availability ensures the money (the value sum) in my account is available to me anytime I want to access it, without the excuse of any breach arising from fraud or something else.

These personal data include but not limited to:

1. Legal/official Name.

2. Date of Birthday.

3. National Identity Number (NIN).

4. Biometric Verification Number (BVN).

5. Email Address.

6. Phone Number; and

7. Bank Account Number.

In my friend request in his post, his friends and followers were asked to supply their Bank details, which of course are part of their Personal Confidential information. This information were being given to you in the OPEN COMMENT SECTION, a public space.

As a public figure, my friend timeline is open to all kinds of person, some of which he doesn’t even know.

This article is premised on the possible breach of the personal confidential data of those, who out of IGNORANCE, left their banking details on the comment section of the post.

HOW A HACKER CAN PREY ON YOUR FRIENDS & FOLLOWERS

First, let’s understand the basic information the Banks hold to identify a customer, these are: Legal Name, Date of Birthday and Phone Number.

Now, your friend has dropped his: Legal Name, Bank Name, Bank Account No.

What is left in the list above to identify a Bank’s customer is the Date of Birthday.

Say, I scan through those friends who have dropped their account numbers and run a random check on each of their Facebook profile, I am likely to see some who have left their full Date of Birthday open to public on their Profile setting. For the ones, whose Date of birthday are hidden, a check on their anniversary posts will reveal their Date of Birthday. With Social Engineering, a method where a hacker obtains personal confidential data from an object by making a friendly call asking few questions, the hacker can obtain the full date of birthday of the account holder.

With: Legal Name, Date of Birthday, Phone Number, Bank Name, Bank Account Numer, a smart hacker can retrieve your NIN, and the consequences will be frustrating and painful.

I hope you now understand why IT IS NOT an ideal method to ask friends to give you their Account Number in the open space.

Welcome to #eNairaSpeed

May I reintroduce you to #CBN #eNaira account. eNaira is an official Nigerian Government digital wallet that holds the Nigerian Naira in electronic form. It does not replace the Naira but complement the Naira, and anyone with a Mobile phone can own an eNaira account without having a Bank account. You can transact with eNaira just the same way you do with the normal Naira except that there is no paper note in the transaction chain.

eNaira does not use your Bank account number to identify an account holder like it is with Bank, rather, it uses WalletID/Alias as Unique Identifier. The beauty of eNaira Wallet is that you can link your normal bank to it if you have one and when there is a credit to your eNaira Wallet, you can use the #eNairaSpeed app to transfer the money into your Bank where you can then withdraw with your normal ATM.

HOW TO CREDIT YOUR FRIENDS ENAIRA WALLET IF YOU ARE DOING GIVE-AWAY:

1.        Ask your friend to open to download and install eNaira app from Google Playstore Apple Store and create an eWallet.

2.        Request your friends to drop their #eNaira QR Barcode or WalletID or Alias.

3.        Scan the QR with your phone camera or QR scanner app.

4.        That opens up your friends’ eNaira Wallet ID in your eNaira Wallet app.

5.        Simply input the amount you want to help your friend

6.        That ends the STORY.

As technology introduces digital innovation to simplify our day-to-day financial transaction, they would always be an increasing cyber-attack because hackers and fraudster will continue to evolve new strategies, and I will continue to place myself at the forefront of the crusade to create cybersafe awareness.

I am Destiny Young, a Cybersecurity professional, writing from Uyo

Follow me on any of the social channel here, as I from time to drop technology and, information security tips at Twitter: @youngdestinya, Facebook: @youngdestinya, LinkedIn: @youngdestinya

Destiny Young
Destiny Young is a highly credentialed information technology professional with over 14 years of industry experience. An HND/BSc (Hons) in Computer Science graduate. He holds a Master of Technology degree in Information Technology from the prestigious University of South Africa (UNISA). He is a Distinction-grade MBA alumnus of Nexford University, Washington, DC, where he also obtained a First-class MSc degree in Digital Transformation. His professional development direction is in Cybersecurity, Digital Transformation, and Business Intelligence. He is a member of the British Computer Society (BCS), the Chartered Institute of Administration of Nigeria (CIA), the Nigeria Computer Society (NCS), etc.
- Advertisement -spot_img

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisement -

Latest News

Data Lifecycle Management: EXPLAINED

Data lifecycle management (DLM) is a policy-based approach to managing the flow of an information system's data throughout its lifecycle: from creation and initial storage to when it becomes obsolete and is deleted.
- Advertisement -

More Articles Like This

- Advertisement -