Cyber fraud and identity theft are usually rampant in December. This is when retail customers, who are the targets of identity theft, are most vulnerable.
During the December holidays, people shop more, spend more, and are often in a hurry. This makes it easier for scammers to trick them. Many people buy things online, where fake websites and deals are common. People are also distracted and may not notice something wrong with phishing links.
All of this gives fraudsters a better chance to steal money or personal information which they can use to commit fraudulent acts with the identities they obtain.
It is common to see a lot of warnings urging people to be careful during this period. Blowing the first whistle, the National Information Technology Development Agency (NITDA) has warned retail banking customers to be careful of a malware called Grandoreiro, which targets unsuspecting victims through phishing links.
Grandoreiro is a Brazilian banking trojan which allows threat actors to steal your personal information by bypassing the security measures of your banking apps, once they gain access to your phone. It has been active since 2016 and has now spread globally, with Africa recently joining the list.
Fraudsters who use Grandoreiro typically send an email to banking customers that resembles the ones they typically receive from their banks. The email contains a PDF file, which when opened, redirects you to the malicious webpage. Once the victim downloads the malware, the trojan instantly locks itself into the user’s banking apps and payload, and steals their personal information.
Babatunde Olofin, the Managing Director of Moniepoint, a Nigerian fintech, has also warned users against sharing their bank accounts publicly, citing that their information can be stolen. As cyber activities peak this period, it is important for users to protect their identities and banking information to avoid falling victims to cyber fraud.
