Online financial fraud on the rise: Financial sector stakeholders warn

By Nuzla Rizkiya  
As online financial fraud incidents are on the rise, financial sector stakeholders have called on the public to be cautious and be more vigilant.
In a joint statement to the public, the Central Bank of Sri Lanka (CBSL), Sri Lanka’s Bankers Association (SLBA), LankaPay and FinCSIRT said that they have received several reports of online scams targeting mobile devices. 
“We have been alerted to several incidents of financial fraud which were disguised as attractive online offers, leading to mobile device users inadvertently clicking on unknown links and downloading malicious apps and files”, the statement said. 
This action grants the scammers complete access to the mobile device, enabling them to control it remotely, according to the statement.
Scammers then gain easy access to bank/payment apps that are installed on the device, allowing them to steal from bank accounts and payment cards directly. 
Social media platforms, websites and online messaging applications are general platforms fraudsters utilise to lure users. 

Moreover, the statement noted that the reported fraudulent activities had happened solely due to scammers gaining control of the mobile device and not due to any security vulnerability of banking or payment apps.  State and private banks strictly comply with international security standards when developing their online applications, the statement said.  
Furthermore, the public has been advised to practice more caution and follow guidelines to avoid falling prey to online scams.  
Guidelines include being cautious about online ads, avoid clicking on unknown links/apps/ files and avoid sharing personal information, exit from unknown groups, online platforms to which users are added without consent and strictly avoid clicking on links shared via such groups, refrain from saving passwords on devices and practice using biometric authentication (e.g., fingerprint, facial recognition) to access bank/payment portals, download apps only from official app stores and regularly review app permissions, disable mobile data/Wi-Fi if suspicious behaviour is noticed, and install updated antivirus apps and pay attention to security warnings issued by authorities.