Banks in East Africa have lost some KSh170 billion to Internet fraudsters, according to UK-based e-commerce security firm Cyber Security Africa.
The research firm says this is attributed to loose ends in the legal, policy and infrastructural inadequacies in the financial sector in the region. More worrying is that 60 percent of all East African banks are at risk of being infiltrated.
The figure is far much higher than a figure by audit firm Deloitte that put the amounts local banks lose to fraud at just KSh4 billion in 2011, a 25 percent increase from the KSh2.9 billion figure. In the report conducted by Deloitte, the audit firm blamed this on the employees of the bank as well as the increased level of penetration of the Internet within the region.
What worries cyber security firms the most is the increased use of mobile phones to carry out transaction with mobile transactions well developed in especially Kenya, Cyber Security Africa said. According to the Central Bank of Kenya (CBK), over KSh375 billion were transacted through phones in the first quarter of 2012 alone.
The experts warn that the level of sophistication is growing with hackers using among them PDF files to gain access information in mobile phones hence illegal access to mobile phone based transactions.
Banks also need to give various level of access to employees with new and junior employees having access to large amounts hence the increased occurrences by employees to transfer funds to unauthorized accounts.
Worse still is the fact that banks have a tendency to hide such information as a way of protecting their reputation, the study revealed.
The revelation comes even as the Kenyan government said on Tuesday that it would assign Internet users virtual identities to reduce cases of cyber crime.
The new figures confirm earlier studies and reports indicating that many companies in the region are ill-equipped to tackle increasing cases of cyber crime.