Security

Scammers Exploit Bin Laden's Death

Unsuspecting Africans using online banking services are being swindled by scammers since the killing of Osama Bin Laden was announced last month.

The scammers have been tricking people in the region into downloading compressed files that supposedly show a gruesome photo of Bin Laden after being shot by American forces. The files carry the so-called Banload Trojan, which can download software to monitor online banking sessions and direct online payments into wrong accounts.

The Banload Trojan, also known as Troj/Banload-M, includes functionality to download files, access the Internet and communicate with a remote server, according to antivirus vendor Sophos.

Most bank customers in Africa are now able to pay utility bills, view their bank statements, transfer funds, download banking application forms, request foreign exchange rates and buy airtime for mobile phones online.

Online criminals commonly use shocking or sensational headlines in e-mails to lure people into falling for scams. Like many other bank customers in Africa, some online banking users customers in Zambia claim they have lost huge sums of money to scammers over the past week.

Eager to see the dead body of Bin Laden, customers have ended up downloading the Banload Trojan.

"I was shocked last week when I went to withdraw money to pay for my school fees to discover that the account was empty," said David Tembo, a Zambian victim of cybercrime. "The bank told me I had made a transfer which I never did."

Another bank customer, Mwape Mwale, said, "I went to the bank to get money for my business trip. But nothing has been left in the account and the bank has no idea about how my banking details were given out."

Nigeria is Africa's largest telecom market by subscription and investment and tops African nations on cybercrime. Very few banks in Africa that offer Internet banking services are able to offer security software to curb the attacks. The problem has also been compounded by the fact that very few African countries have a legal framework for cybercrime prevention or the skills and organizational abilities to fight cybercrime.

Other cybercrime activities have been reported by various banks in Zambia and the East African region. The classic Nigerian banking scam commonly known as a 419 scam is using Bin Laden's death to induce victims into opening e-mail and reading the enclosed messages. In 419 scams, the e-mail messages claim that help is needed to access huge sums money, usually in millions of dollars. In fact the money does not exist.

Other e-mail scams seen in the last week involve messages that include links to what look like news items about Bin Laden's. But instead of seeing news, people end up on promotional sites for products such as window replacements.

Africans are interested in seeing Bin Laden's corpse in order to be convinced that he is dead, following the Al-Qaeda terrorists bombing of targets in Kenya and Tanzania that resulting in the deaths of 224 people in the two countries in 1998.

Kenyan President Mwai Kibaki said the killing of Bin Laden is an act of justice to many Kenyans who lost their lives and many more who were injured. Despite the death of the terrorist mastermind, fears are still high in the East African region particularly, of possible retaliation by Al-Shabab, an Al-Qaeda arm operating in stateless Somalia. Last year, Al-Shabab's bombing attacks killed at least 76 people in Kampala, Uganda, as retaliation against the government sending peace-keepers to Somalia.

Subscribe to the Security Watch Newsletter

Comments