How to safe­guard your sav­ings

Herald on Sunday - - BUSI­NESS - Diana Cle­ment u@DianaCle­ment

Ahacker just stole your sav­ings. Does the bank have to re­im­burse you? The an­swer could well be “no”. This is scary stuff for any­one with more than a few bucks in their bank ac­counts or a de­cent credit limit.

The first thing some cus­tomers know about fraud on their ac­counts is a call from the bank, which has picked up un­usual trans­ac­tions — of­ten from the likes of Nige­ria or Rus­sia.

Chances are they’ll be re­funded. Yet banks can and do refuse to re­im­burse cus­tomers who’ve breached the terms and con­di­tions. That leaves cus­tomers at the mercy of their bank’s “goodwill” — which they ex­er­cise some­times.

When­ever I read my bank’s terms and con­di­tions, how­ever, it leaves me feel­ing very ner­vous. In most T&Cs you must:

Safe­guard your se­cu­rity de­tails

Yet it’s not un­usual for par­ents to send chil­dren into a shop with their credit card. Nor is it un­com­mon to re­ceive calls pur­port­ing to be from bank staff, Microsoft, Spark or oth­ers aim­ing to trick you out of those de­tails. Even if you’re conned into hand­ing over a Pin or pass­words, you’ve still breached this rule.

Don’t let oth­ers watch

How many peo­ple are 100 per cent sure they’re not be­ing watched from be­hind, or above when us­ing an eft­pos ter­mi­nal or bank ATM, or lis­tened to on the phone?

I’m sure there have been times I didn’t no­tice some­one near me.

Choose unique se­cu­rity de­tails

If you’re like me, you log into dozens of dif­fer­ent web­sites. Have you used your bank lo­gin for any­thing else? How se­cure are your pass­words and do you up­date them? Writ­ing down your Pin or stor­ing it elec­tron­i­cally breaches T&Cs.

Never leave a bank­ing app open

If you leave your ac­count open and unat­tended, say good­bye to be­ing re­im­bursed for theft or fraud that re­sults from your ac­tions. It’s too easy to for­get to log out af­ter do­ing some bank­ing, or to step away from your com­puter.

The banks also re­quire cus­tomers to use anti-virus soft­ware, fire­walls and an­ti­spy­ware on the de­vices they bank on and also to up­date their op­er­at­ing sys­tems when se­cu­rity up­dates be­come avail­able.

The Code of Bank­ing Prac­tice re­quires banks to have se­cure sys­tems and will pay out for a di­rect loss re­lated to a breach of se­cu­rity at their end.

“In short, the code pro­vides that the bank re­im­burses the cus­tomer if s/he is a gen­uine vic­tim of fraud un­less the bank cus­tomer has been neg­li­gent or breached the terms and con­di­tions of their ac­count in some other way,” says Bank­ing Om­buds­man Ni­cola Slad­den.

Slad­den has dealt with some heartwrench­ing cases. The banks are some­times “quick to say the cus­tomer has

Does the bank have to re­im­burse you? The an­swer could well be “no”.

con­trib­uted to the loss”.

But these cases are rarely clear cut, she says. She cites one case where the cus­tomer’s email was hacked over pub­lic Wi-Fi at a United States air­port.

The crim­i­nals then used her email ad­dress to con­tact the bank and re­quest money be wired over­seas from ac­counts that at the time con­tained $100,000.

The Om­buds­man sided with the cus­tomer, how­ever, and did not ac­cept the ac­count hold­ers con­trib­uted to the fraud by ac­cess­ing their Gmail us­ing pub­lic Wi-Fi.

An in­ter­est­ing les­son from this case is I haven’t been that vig­i­lant about delet­ing emails that con­tain doc­u­ments and other in­for­ma­tion that could be used to im­per­son­ate you.

I some­times send signed per­mis­sion slips by email. Had I been this cus­tomer, the hack­ers could get hold of my gen­uine sig­na­ture to copy. I’ve also emailed scans of my pass­port. Ouch.

The Om­buds­man’s files are lit­tered with ex­am­ples where rel­a­tives, care­givers, and oth­ers get their hands on a vul­ner­a­ble per­son’s Pins and help them­selves to money.

There are also nu­mer­ous cases of lovelorn Ki­wis send­ing money over­seas to peo­ple they’ve just met on­line.

Un­less the bank has ex­ac­er­bated the prob­lem in some way by fail­ing to act on sus­pi­cions or let­ting unau­tho­rised peo­ple change se­cu­rity de­tails, for ex­am­ple, the cus­tomer is usu­ally out of luck.

In one case heard by the Om­buds­man a man was mugged and forced to re­veal his Pin. The bank told him it didn’t have to pay be­cause he gave away his Pin.

I’m sure most Ki­wis would as­sume they’d be re­funded if this hap­pened to them. Wrong.

One thing that made me raise an eye­brow this week was dis­cov­er­ing Ki­wis have less chance of be­ing re­im­bursed than Brits or Aus­tralians.

If a New Zealand bank cus­tomer is “neg­li­gent” in re­la­tion to a fraud the bank doesn’t need to re­im­burse.

In the UK that bar is “gross neg­li­gence” and in Aus­tralia it’s “ex­treme care­less­ness”, which means Ki­wis have less pro­tec­tion than cus­tomers in these other coun­tries.

Getty Im­ages

The first thing many cus­tomers know about hack­ing is a call from the bank.

Newspapers in English

Newspapers from New Zealand

© PressReader. All rights reserved.