First National Bank of Namibia (FNB) has explained how fraudsters target their clients using the one-time pin (OTP).
The bank reiterated at a press briefing on Monday that all eWallet theft incidents recorded by the bank were through customers’ compromised OTPs.
This is after clients last week said they never shared their OTPs with anyone and lashed out at the bank for blaming them and “refusing to take responsibility” after reports of missing funds via eWallet.
Speaking during the media briefing on Monday, FNB executive for retail banking, Nangula Kauluma, said the bank was working closely with law enforcement agencies to apprehend the perpetrators, as they had taken the victims’ concerns seriously.
“The Namibian Police has even incorporated a task force to specifically look into digital fraud cases,” said Kauluma.
The bank currently has 1,3 million eWallet holders, but only 788 transactions have been affected by these thefts between August 2022 and August 2023.
Responding to complaints by their clients who said the bank was blaming them for the theft incidents, FNB’s chief marketing officer, Tracy Eagles, told The Namibian that they were not putting the blame on the clients, but rather explaining how fraudsters use different tactics to defraud customers unknowingly and how they can protect themselves.
Eagles said that clients should be wary of people calling them and pretending to be from the bank and asking them to provide their personal information such as their OTPs or convincing them that they received an OTP meant for another number and that they should return it.
“They (fraudsters), sound very convincing and professional. Some of these scams may have happened a while back and the client may have no recollection of them,” said Eagles.
Yeoman Hamilton, the head of transactional and digital banking at FNB yesterday said: “We must emphasise that when a customer is informed by the bank that their OTP has been compromised, this is the four-digit number that was shared previously and not at the point that the eWallet is taken by the fraudster, using the five-digit pin generated at that point in time.”
He said the bank has put an extra security measure in place which stops clients’ OTPs from being issued via another device other than the one linked to the account.
“While this may help, sharing your OTP at any time with anyone would still put your funds at risk,” he said.
Hamilton said fraudsters usually download the FNB app and use clients’ phone numbers to link to their eWallets.
Clients then receive a message with an OTP, which they share with the fraudster who calls pretending to be a bank employee or a distressed person who sent the message incorrectly.
Once a client shares their OTP, the fraudster’s account is linked to the client’s eWallet.
This means every time the client receives money, the fraudster is alerted and can withdraw it.
- This story has been modified to reflect the bank’s explanation about fraud in detail.