Bank of Jamaica issues statement after customers lose large sums
The Bank of Jamaica (BOJ) says it moved quickly to engage in dialogue, both internally and with the wider commercial banking industry, following the recent high-profile social engineering attack that caused customers to lose significant sums.
The BOJ, which is also the country’s central bank, said the dialogue with various stakeholders was aimed at discussing possible measures that can be taken to reduce phishing, smishing, vishing and other fraud based on the technology.
The bank said it recognizes that the increased reliance on technology for the provision of and access to financial services has led to an increase in cyberattacks and social engineering attacks locally and globally for, among others, steal data or funds.
– Advertising –
It said it had therefore incorporated deeper reviews of banks and other licensees under the Banking Services Act (BSA) using data analytics to help identify gaps in systems more quickly. and measures that could present a risk of criminal activity, including cyberattacks.
“In addition, banks and other licensees under the BSA are required to put in place effective mechanisms and system controls to protect themselves and mitigate the risk of cyberattacks and other fraudulent activities.
“Given the evolving nature of the cybercrime landscape, the board and management of licensees must be proactive in managing this risk. Our efforts are also complemented by the Cybercrime Act which criminalizes these activities. »
The BOJ said that in recognition that even with robust technology systems, bank customers can still be defrauded through social engineering attacks where they are manipulated into compromising their own information, “we implore our licensees to increase their vigilance and be proactive in educating the public on how to protect themselves and their money.
“The bank has been and continues to be a strong advocate for financial literacy and has used programs such as ‘Under the Law’ to educate customers about accessing financial services in the safest way possible.”
He said he encouraged bank customers to, “if in any doubt, call your financial institution to verify the authenticity of any communication from any email address, text message or phone claiming to be your bank before disclosing sensitive information, especially if it is information that your bank should already have in its possession”.