Protecting your trading account against cyber attacks

There are over 38 million South Africans connected to the internet, out of which more than 200 000 are active traders - and this calls for awareness on how to protect trading accounts from cybercrime. South Africans are losing R2.2 billion to cyber-attacks as per a report in 2018, with targets ranging from mobile trading apps and e-commerce to governments and even big banks.

Cybercrime is on the increase in South Africa. This is due to several factors including a high degree of digitisation, growing retail investing, youth unemployment, low security awareness and lots of pirated software. Big banks, brokers, etc have suffered data breaches, and compromised information is still floating around on the dark web.

But traders can protect their accounts from cyber-attack by being watchful and educating themselves regularly on new cybercrime techniques used by fraudsters.

Cyber-attackers mostly use social engineering techniques to get information from their victims. Some of these are discussed in this article.

What is a data breach？

This refers to gaining unauthorised access to protected information. In this, a hacker can hack into the database of an organisation and gain unauthorised access.

If the hackers gain unauthorised access to a list of clients at a brokerage, then they can login to any trading account and could transfer money out. They can also sell the information to other hackers.

In recent years, there has been a sudden rise in reported cyber breaches/incidents around the world in which online brokerages, their staff and clients were targeted.

According to Safe Forex Brokers‘ report, a global broker comparison website, three of the leading South African forex brokers that it monitors and reviews also reported data breaches in last few years. Like in 2015, when FXCM, a popular forex brokerage that is regulated with FSCA and multiple other jurisdictions/regulators, suffered a data breach and the hackers made unauthorised wire transfers from client’s accounts. They reported two more incidents of data breaches after that.

In 2020, Absa also suffered a data breach where sensitive information was stolen.

What are the consequences of data breaches on individual traders？

1. Loss of funds

If hackers are able to get unauthorised access to your trading account, they could initiate withdrawal of funds by wire transfer. If the attack goes undetected, then the broker could transfer the funds without ever knowing that it was not authorised.

2. Repeated attacks

Hackers could also sell your data on the black market, so your data ends up being in the hands of several hackers. This will make for repeated attacks from various hackers.

How do hackers target traders？

1. Phishing attack

Phishing is the act of sending email addresses to targets using look alike email addresses of big organisations with the intention of deceiving the target into revealing personally identifiable information.

The email addresses could be misspelled and look similar to the authentic email address. According to a 2019 data breach report, 32% of breach cases involved phishing techniques.

2. Malware

Malicious software or malware refers to software programs written by hackers and specifically designed to gain unauthorised access to a network.

Malware includes:

• Spyware that collects user data without their knowledge. The spyware could even log your keystrokes.

• Adware that loads virus infected pop ups of adverts.

• Trojans that clone popular apps but are actually viruses.

3. Stolen credentials

Instead of going through the trouble of phishing and malware deployment, a scammer might simply choose to steal your log in credentials via shoulder surfing.

Shoulder surfing refers to physically spying on a target as they key in their login details. A recent survey revealed that the majority of people admitted seeing someone elses PIN without them knowing.

Shoulder surfing can take place anywhere including at home, work, or ATM machines. Hackers know people usually use the same PIN for various apps, so if a PIN is stolen at the ATM machine, it could be tried on your trading app.

How do I know I have been hacked？

1. Inability to login to the trading app

Most times when there has been a data breach, hackers change the password of your trading account to prevent you from gaining access and discovering that funds are being moved.

2. Withdrawal alerts

When hackers wire money out of your trading account, you should get alerts on your mobile number or email - and this should let you know your account has been compromised.

3. E-statements

Traders should download and study their e-statements regularly, as this will clearly show any fraudulent withdrawal of funds or suspicious activity in the trading account.

How to protect against these cyber threats？

1. Use two factor authentication (2FA)

This is a process of verifying a users identity by requesting two forms of evidence. It is a combination of something the trader knows such as a password, plus something the trader has such as a SMS or call to your mobile phone to which a verification code will be sent.

2. Install antivirus software

An antivirus program inspects software programs already installed in your device and executable files about to be installed on your device and makes sure they dont contain malware.

Installing a good antivirus program on your phone or computer will help detect dangerous spy apps.

3. Ensure your broker is POPIA compliant

The wide use of the internet in South Africa means information is easy to access and is subject to abuse. South Africa Protection of Personal Information Act (POPIA) mandates responsible parties like brokers, to ensure they only collect data that is necessary from clients and to safeguard this data or else they will be liable to sanctions in the event of a breach.

As a trader or investor in South Africa, always ensure your forex broker or stock broker is POPIA compliant.

4. Allow Apps to access only relevant information on your device

When installing any app on your device, it will ask for permission to access certain information on your device such as your contacts, camera etc. only grant permissions that are relevant to the app.

For example, a forex app has no business asking for your medical records or other information stored in your device.

5. Hover before you click

If you receive an email with a link, dont click on it yet.

Use your cursor to hover over it and a small window comes up displaying the real address associated with that link. If the address that pops up matches the link, then you can go ahead and click.

6. Scrutinise cold calls

A person could call you up with a strange number and claim to be from your brokerage and ask you to do something.

Before complying, contact your broker on the phone number registered on the Financial Sector Conduct Authority (FSCA) website or on the number you know to be their registered number to verify if the broker or their representative has actually called you from an unknown number.

7. Use strong passwords

Your trading app passwords should be difficult to guess. Do not repeat passwords or use numerical extensions to the same password like apple1, apple 2 etc.

One password should not be used for different sites or apps so that if there is a breach, it is limited to just one app and there is no collateral damage.

A strong password should be alphanumeric, contain special characters, and contain capital letters and should not be the name of a spouse, child, etc. example B91*e0p@

8. Use a password manager

If you have trouble remembering all your passwords you could install a password manager app. This app will secure all your passwords and login credentials in a vault and also help you generate strong, unbreakable passwords.

9. Be careful on social media

Studies have shown that most cybercrimes are linked to social media. You should limit the amount of information shared on social media as this could be used to guess answers to your password retrieval and security questions.

Example, some password recovery questions ask for your spouses name and a hacker could get this information from your social media page and beat the security question verification process.