According to the report, dubbed Getting Back to Security Basics prepared by a private firm Serianu Limited, the criminals later sell this information for not less than $10(Sh840) to any willing buyer, local or international/XINHUA
NAIROBI, Kenya, Jul 24 – If you are credit card holder, there is need for you to keep an eye on your card during any transaction, and get it back as quickly as possible after the transaction.
This is after a report revealed that cyber criminals have now focused on paying shop operators to get key information from their customers’ credit cards which is passed on to fraudsters.
According to the report, dubbed Getting Back to Security Basics prepared by a private firm Serianu Limited, the criminals later sell this information for not less than $10(Sh840) to any willing buyer, local or international.
Speaking during the launch of the report, Chief Consultant at the firm William Makatiani said the criminals are now stealing from Kenyans using this method as many financial institutions have no capability to detect when someone is using another person’s credit card and even poor fraud prevention methods.
“Some of the store you go and swipe your card… somebody might be taking the information and can use your card. And that is why people need to protect that information. I can get your expiring date, the number you use to authorize some of the transaction worldwide and so on, “warned Makatiani.
Another way the thieves get credit card numbers is by hacking into computer networks that store credit cards information.
He said card holders should report any questionable charges promptly and in writing to the card issuer for necessary action.
“If you think of a cyber criminal, most of these people are driven by the need for money,” he said.
The report has also revealed that businesses and other organizations in Kenya are also experiencing cases of insider threat including data leakage and insider fraud.
He said most of the insider fraud is being carried out by employees who he said are not necessarily after money, but to get back at their employers.
He said the biggest challenge is that there are no sufficient reports on cyber crimes from the side of the regulators despite most of the financial institutions are losing a lot of money through cyber crimes.
However most of them opt to hide, to protect their public image and integrity.
“I cannot really tell you how much we are losing in this financial sector which is the biggest target for all kinds of criminals, but I am sure they are suffering,” Makatiani said.
He also said there is need for all organizations to be keen when coming up with Internet products and even websites adding that most of the web applications continue to be vulnerable to threats which cannot be detected or prevented by traditional network security devices.
According to the study, 103 Government owned websites were compromised by a hacker known as Direxer, whereby the sites were made in accessible to the public.
He added that: “Weaknesses in these websites also left the sensitive data hosted on them exposed to the whole world.”
The Ministry of Information and Communications has proposed the Data Protection Bill 2012, which among other things will ensure that anyone collecting or storing confidential information to put in place security measures.
“There is no doubt that if this Bill is well implemented, it will improve the standard of cyber-security in Kenya.”
As at December 2011 there were an estimated 17.38 million Internet users in Kenya, according to the Communication Commission of Kenya (CCK).
