First National Bank Namibia says a total of N$600 000 has been lost through 788 transactions made via the bank’s eWallet facility since August last year.
This was revealed by the bank’s executive for retail banking, Nangula Kauluma, at a press briefing in Windhoek yesterday.
Kauluma was responding to the complaints of clients who have lost money through eWallet transactions, saying they were investigating the incidents.
The police in the Omusati region last week arrested a suspect in connection with stealing N$5 000 from a First National Bank (FNB) Namibia client via eWallet at Outapi.
Omusati police regional commander commissioner Ismael Basson says Ismael Hilifaali (28) was arrested on Thursday and appeared in the Outapi Magistrate’s Court on Friday for allegedly stealing money belonging to Ezra Kaleb.
The case was postponed to 6 December for further police investigations.
“It is alleged that Hilifaali logged on to an app on the complainant’s cellphone number, and got access to the complainant’s banking details. The money was withdrawn on 20 January at Outapi,” Basson says.
Kaleb says her money was withdrawn at an FNB ATM at Outapi while she was in a queue in Windhoek to withdraw it.
A bank document which The Namibian has seen shows that Kaleb’s money was withdrawn three times: The suspect withdrew N$2 000 during the first and second time, and N$900 the third time, using the remaining N$100 to buy N$87 worth of prepaid airtime.
The bank yesterday reiterated that the incidents of theft are all due to one-time pins (OTPs) being compromised by clients.
The bank said its own security is not compromised.
However, a number of clients took to social media last week saying they never shared their OTPs with any other party.
FNB currently has 1,3 million eWallet holders – almost half the population – and a total of 788 transactions involved the theft of N$600 000 between August last year and this year.
Kauluma said the bank has been working closely with law-enforcement authorities to apprehend the perpetrators as it has taken the victims’ outcry seriously.
“Nampol has even incorporated a task force to specifically look at digital fraud cases, including eWallet fraud,” Kauluma said.
She said the control and monitoring of the bank’s security mechanisms adhere the highest regulatory requirements as well as global standards.
“With all these measures the bank maintains, it is important to remind our customers that they too play a role in maintaining their security further as the last line of defence,” she said.
Kauluma said to date eWallet fraud has only been caused by compromised OTPs, involving that customers are tricked by fraudsters into sharing their pins with them.
Responding to complaints by their clients who said the bank was blaming them for the incidents, FNB’s chief marketing officer, Traci Eagles, yesterday told The Namibian that they were not putting the blame on the clients but rather explaining how fraudsters use different tactics to defraud customers unknowingly.
Eagles said that clients should be wary of people calling them and pretending to be from the bank and asking them to provide their personal information such as their OTPs or convincing them that they received an OTP meant for another number and that they should return it.
Yeoman Hamilton, the head of transactional and digital banking at FNB, yesterday said: “We must emphasise that when a customer is informed by the bank that their OTP has been compromised, this is the four-digit number that was shared previously and not at the point that the eWallet is taken by the fraudster, using the five-digit pin generated at that point in time.”
He said the bank has put an extra security measure in place which stops clients’ OTPs from being issued via another device other than the one linked to the account.
“But while this may help, sharing your OTP at any time with anyone would still put your funds at risk,” he said.
Hamilton said fraudsters usually download the FNB app and use clients’ phone numbers to link to their eWallets.
Clients then receive a message with an OTP, which they share with the fraudster who calls pretending to be a bank employee or distressed person who sent the message incorrectly.
Once a client shares their OTP, the fraudster’s account is linked to the client’s eWallet.
This means every time the client receives money, the fraudster is alerted and can withdraw it.