Attempted banking fraud hits GH¢1.85bn in 5yrs – e-Crime Bureau

The total value of attempted fraud initiated against banks, Specialised Deposit-Taking Institutions (SDIs) and electronic money issuers (EMIs) between 2017 and 2021 has approached the GH¢2billion mark; however, the success rate of such attacks is just over 10 percent, analysis by cybersecurity consultancy – e-Crime Bureau – has shown.

A perusal of the data shows that in the five-year period, attempted attacks on this segment of the financial industry totalled GH¢1.85billion, with a total loss value of GH¢194.56million, translating into a 10.5 percent success rate.

This came to light during a webinar organised by the Chartered Institute of Bankers (CIB) Ghana and e-Crime Bureau on the theme: ‘Analysis of the 2021 B&SDI & EMI Fraud Report – The Past, Present and Future’.

Lead, Financial Crimes & Anti-Money Laundering (AML) at the bureau, Eric Kwaku Mensah, who served as facilitator for the session, stated that despite the relatively low success rate and the drop in attempted cases in 2021, the high success rate points to enhanced efficiency by cybercriminals.

“There is a problem there; we are noticing a trend where the overall rate of attacks is going down, but the success rate is on the ascendancy. The attackers, it appears, are becoming better in cashing out and we would have to be extra cautious to seal these avenues,” Mr. Mensah noted.

Data contained in the Bank of Ghana’s (BoG) Banking, Specialised Deposit-Taking Institutions and Electronic Money Issuers (EMI) Fraud Report 2021 showed that the number of attempted fraud cases in the industry fell by 12.1 percent in 2021 to 2,347. However, there was a sizeable 144 percent year-on-year increase in the value lost from GH¢25.4million in 2020 to GH¢61million in 2021.

Breakdown

In 2017, the total value of attempted fraud was GH¢190million, with a GH¢30million – 15.8 percent – lost to the attacks. The attempts more than doubled the following year, reaching a, perhaps, ironic value of GH¢419million, with a lower success rate of 10.6 percent but a higher nominal value of GH¢44million. The increase in attempts in 2018 has been attributed to the uncertainty and disruptions brought about by the financial sector clean-up.

Fraud attempts fell drastically – by more than 72 percent – in the following year to GH¢115.5million. Nonetheless, the success rate remains the highest in the last five years at 28.9 percent.

The faster-than-anticipated shift to digital channels and work-from-home setups occasioned by COVID-19 saw 2020 attempted fraud against the industry breach the GH¢1billion mark – an all-time high. In 2021, cybercriminals attempted to steal GH¢113.9million from the industry.

For the specific number of incidents, the 2017, 2018, 2019, 2020 and 2021 recorded 1,418; 2,175; 2,295; 2,608, and 2,347 attempts respectively.

Further in-house analyses by the e-Crime Bureau revealed that mobile money and email frauds occupy the second and third position for types of attacks. Phishing – the attempt by cybercriminals posing as legitimate institutions, usually via fraudulent websites, to obtain sensitive information from targetted individuals – remains number one. All three methods have seen considerable hikes since 2018.

2022 Forecast

With digitalisation on the rise, the e-Crime Bureau is predicting that there will be an increase in attacks on digital channels for financial transactions, online identity theft, sophisticated attacks targetting mobile financial services, as well as increased use of crimeware-as-a-service through coordinated cyberattacks against financial institutions.

“We also expect to see increased social engineering attacks, the usage of non-traditional ways for money laundering, such as some cryptocurrencies and a rise in insider threats in traditional and electronic crimes,” Mr. Mensah added.