We live in a digital world where basically the use of computers, Internet and other sophisticated technology is at its climax. Today people pay bills, send and receive payments, review bank transactions and balances over the Internet and or using mobile phones.
Such innovations are intended to make life easier and more comfortable. In less than 5 years, crime and fraud have changed from an anomaly of teenage vandals into a multi-billion dollar industry. Every year, millions of people are falling victims to such activities.
There are many stories cybercrime. Such hacking in some of America’s confidential information almost ruined diplomacy between many countries. The recent being the fracas revolving around Col. Muammar Gaddafi of Libya and his family overseas legal problems gaining momentum. This is one of the ways how digital frauds manifest itself. Such disclosure of confidential information is against the basic promises of good business security – confidentiality, availability and integrity of information.
Ms Anna Okwir, a Kampala trade was once a victim of such circumstances. As the world becomes a global village, traveling from one nation to the other for business purpose is increasingly being threatened since it’s now possible to buy or sell goods online. And that’s how she was able to disclose her private information to a stranger who later stole from her some US $500.
Business experts argue that although it is very cheap and convenient to use online as a platform for business transaction since most businesses have graduated from using traditional means of operation, the risks involved are immense.
According to Mr. Mustapha Mugisa, a certified fraud examiner and the president of Uganda chapter Association of Certified Fraud Examiners, digital fraud is one of the biggest immerging risks in Uganda as people embrace technology and its advancement.
“Uganda is currently in the take-off technology level whereby every business is embracing technology and using the internet to reach out to the international market. In telecoms, insurance, and banking, for example, we have seen the emergence of mobile money transfer and mobile commerce (mCommerce) whereby people use their mobile phones to pay bills like water, electricity, DSTV or even buy goods at the supermarkets. This is making our country ripe for high risks of digital fraud unless something is done now to protect the users. Such automation between many companies increases the risk of fraud because the more the interface the higher the risks involved,” Mustapha adds.
Recently almost all telecom companies operating in Uganda and offering mobile money services have entered into the partnership with other service providers to make money transaction easier and convenient but this means that the scale of digital fraud increases to a greater magnitude. Unlike in the past, it was a bit difficult to steal a lot of information at once because manual documents are bulky, he adds.
Mr. Mugisa advises that in most cases fraud is directly or indirectly aided by internal staff following the lack of training and sensitization on what digital fraud means and how to protect company information from social engineers.
The use of technology is advancing daily and there is no way one can avoid the wave of change, companies should, however, train their staff and implement clear security policies – clearly explaining the forms of digital frauds, staff responsibilities in averting the same and repercussion for failure to comply, among others. Companies should also aim to have a security-aware culture throughout the business as well as protecting their major digital resources from hackers, social engineers. Implementing secure firewalls to protect computers connected on the Internet should be a must across the board.
“It high time companies invest in digital security defense measures and ensure that it’s integrated and adequately up to date to respond to the ever-changing and increasingly sophisticated technologies being utilized in such crime. Some people are connected to the Internet, but have not implemented security measures to block hackers.” He advises.
“With the introduction of wireless a lot of people now prefer to working at the nearby cyber cafe since it free not knowing that they are at greater risk of being hacked into and revealing confidential company information like business strategy because the person controlling that network can access their profile easily,” says Mugisa.
According to a study done by Pricewater house Coopers’ Forensic Technology Solutions team, companies should use risk assessment strategies to ensure their investment is targeted towards those security controls that offer the greatest business benefit as well as a having a clear understanding of their legal rights and responsibilities in relation to digital fraud, and aim to implement internationally-recognized standards of best practice.
Fraud in the digital world is not likely to end any sooner because the more the technology becomes sophisticated the high the risks involved. According to Mr. Mugisa, it’s high time the government through regulatory bodies like Bank of Uganda stepped in to provide assurances of the security of emerging technologies like mobile money services to reduce identity theft, fraud, money laundering and embezzlement from companies. What is worrying, says Mugisa, is that the traditional know your customer/partner rules for banks are greatly undermined when registering for mobile money account. This may expose our economy to risks of money laundering which greatly undermines business.
This story was first published in the Daily Monitor.