KINGSTON, Jamaica– The Bank of Jamaica (BOJ) says it has acted swiftly to engage in dialogue, both internally and with the wider commercial banking sector, following the recent highly publicized social engineering attack which resulted in bank customers losing significant sums of money.
The BOJ, which is also the country’s central bank, said that the dialogue with the various stakeholders was to discuss possible steps that can be taken to reduce phishing, smishing, fishing, and other technology-based fraud.
The bank said it recognizes that the increased reliance on technology for the delivery of and access to financial services has resulted in increasing cyber and social engineering attacks locally and globally, too, among other things, stealing data or funds.
Therefore, it has incorporated more robust reviews of banks and other licensees under the Banking Services Act (BSA) using data analytics to assist with faster identification of gaps in systems and measures that could pose a risk for criminal activity, including cyberattacks.
“Additionally, banks and other licensees under the BSA are required to have effective mechanisms and system controls to protect and mitigate against the risk of cyberattacks and other fraudulent activities.
“Given the evolving nature of the cybercrimes landscape, the licensees’ Board and Management are expected to be proactive in managing this risk. Our efforts are also complemented by the Cybercrimes Act, which criminalizes such activities.”
The BOJ said that in recognition of the fact that even with robust technology systems, banking customers may still become victims of fraud through social engineering attacks where they are manipulated into compromising their information, “we implore our licensees to increase their vigilance and be proactive in educating the public on ways to protect themselves and their money.
“The bank has been and continues to be a strong advocate for financial literacy and has been utilizing programs such as “Under the Law” to increase awareness of customers accessing financial services as safely as possible. “
It said it is encouraging banking customers to, “if even in the slightest of doubt, call your financial institution to verify the authenticity of any communication from any email address, text message or via telephone purporting to be your bank before divulging sensitive information, especially if this is information that your bank should already have in its possession.”
and then 