Don’t Be Victim Of Fake Bank Alert, Experts Warn About Yahoo Boys’ New Tricks

Internet fraudsters, popularly called Yahoo Boys, may be shifting focus from romance scam to developing applications to dupe victims through sending fake bank alerts after transactions.

Mikhail Jella, a banker with over 10 years experience, said a bank customer may not see any “difference between fake bank alert and a genuine one,” unless they’re meticulous.

After carrying out a transaction, the fraudsters will generate fake bank SMS alert that will correspondent to the bank balance of the victim.

According to Jella, a fraudster will get away with it if the persons fail to check their balance using their mobile bank apps, USSD or Automated Teller Machine (ATM) Cards.

“So, when you check the fake alert, if you are conversant with the alert you’ll see one or two differences just that people don’t really pay close attention. When they receive the amount, they’ll give out their money and it’s not as if the money entered the account, it’s just an SMS.

“For instance, if you have N50,000 in your bank account and they send a fake alert of N20,000 into that same account, the fake alert sent will top up the genuine balance in your account. And the SMS alert received on your phone shows N70,000, meanwhile the N20,000 is just an empty alert. The money is not there in your account,” Jella explained.

Role Of The Dark Web In Fake Alert Scam

The dark web is a part of the internet that isn’t indexed by search engines, as a result, regular internet browsers cannot access it. It is a part of the internet where no rule exists.

On this dark part of the internet, one may find child pornography, buy Improvised Explosive Devices (IED), hard drugs, hire assassins, engage the services of hackers and so on.

A form of crime that has gained ground among Nigerian fraudsters in the dark Web is called Carding—selling of people’s credit cards. A card containing, for example, $10,000 may be sold at $4,000. Fraudsters simply steal the information on the card and sell it to buyers.

Apps like Flashfun, Money Prank Pro, Billionaire Freak Bank account and others make it easy to generate fake bank alerts.

The applications have the capacity to access a victims’ balance to make the scam look genuine.

Creating mobile apps have become somewhat easy. On a website like discoverresultsfast.com, all that is needed is to search “I want to create my own app” and direction will be given on different sites that create mobile apps. You can develop your own app with Google Cloud Platforms(GCP) and more.

Up Tech can even give you step by step guide on how to create a mobile banking app.

Experts Speaks On Fraud And Mobile Bank Apps

Abdulrasheed Audu, a chartered information technology practitioner, and the cofounder of CIPANE, highlighted the processes fraudsters take to carry out their malicious acts.

He said they defraud victims with the help of social engineering by getting victims to supply their bank information or go the extra mile to break into the bank’s database to extract the information of people they target.

He said in Nigeria, 98-99 percent of scammers do not have all the technical skills needed to develop apps. Explaining further he said,

“Only a few can develop an app from scratch to finish on their own for a specific purpose. But under that 1 percent, you still have like 0.1 percent that can do the app themselves and the remaining 0.9 percent are the few that have the skills to develop the app themselves. Any other outside that 1 percent are what we call the script kiddies, they just buy the app themselves, go to the internet, buy tools and then start running it on people.

“They are using the dark web to create these apps. The internet you know today is just actually 15 percent of the actual Internet. The internet is bigger than what you see. What you do with your Google and all that is just a surface web which is just 15 percent. Most of it resides in the dark web.

The good news, according to him, is that even when the fraudster creates the app, it doesn’t give him access to the internet network of any bank.

“They usually need social engineering to be successful; this is the act of exploiting human behaviour. So, these human behaviours include trust, greed and kindness. They try to talk to the person and lure them into releasing sensitive information,” he said, adding that fraudsters also try to compromise their victim’s account after harvesting their information from social media adverts they put out.

“They will tell you it’s empowerment stuff, then you’ll send out your BVN and you begin to compromise your details. So, when they compromise this account, they will move the money from this account to another account which is not their account, then they will either purchase airtime or do something that will not be traced to them,” Jella explained.

He also explained that most victims don’t usually come out to give details on what happened, “they’ll be hiding some certain details. It’s better they divulge the whole truth so that proper investigation will be done,” he added.

How To Avoid Falling Victim

The cyber security expert advised Nigerians to be more security conscious when making transactions.

“First thing is, when you conduct business transactions you don’t use your bank account phone line. Use another phone number for your transactions. You know the app requires your phone number and your account number. So, if the guy is so foolish, he will now be sending you an alert on the wrong phone number and you’ll know that it’s fraud,” he advised.

He noted that it may be difficult to catch the fraudsters after the crime except to track them through the phone number they used to communicate with the victim.