The Kaa Chonjo (Be Alert) Campaign by Kenya Banker’s Association has taken proactive steps to address the issue of fraud across card, mobile and online channels. Public awareness campaigns play a crucial role in educating our consumers about potential risks and empowering them with knowledge to protect themselves. KBA X VCB PLC campaign messages, therefore, included financial literacy advice and tips on preventing digital fraud in line with emerging trends. By promoting these measures, we can contribute to creating a safer online environment for consumers and help reduce the risk of fraud. Ongoing communication and updates are also crucial to staying ahead of emerging threats in the rapidly evolving landscape of online security.

Social engineering is a scam in which an online criminal tries to trick a person into acting against their own best interests. Usually, the action results in the victim providing confidential information (like their login information) or installing malware on their computer.

There are four common qualities found in most social engineering attacks, and if any of these are present, the risk of a fraud is significantly higher.
• Did the message arrive unexpectedly?
• Is it the first time the sender has asked you to perform the requested action?
• Does the request include a stressor, such as “you need to do this now”?
• Can performing the request harm your interests?

If you answer yes to all of them, you should go out of your way to confirm the request is legitimate. Use a trusted method like calling or texting the sender before taking any action.

Not every message with these four traits is absolutely a social engineering scam. Our email inboxes, voicemail and postal mailboxes are full of unexpected requests; that is life. But when these four traits are present, stop, look, and think before you act!

Source: KnowBe4.com

Stay alert and think before you scan to avoid falling victim to a cybercriminal’s attacks.
Don’t let cybercriminals rob you of the convenience of using QR codes. Keep yourself secure by following these tips:

• Use the built-in QR code scanner in your device’s camera app.
If your device doesn’t have a built-in scanner, only download a trusted third-party scanning app from your device’s official app store.

• Check for physical tampering before you scan.
Cybercriminals can generate malicious QR codes and print them as stickers to cover up legitimate ones.

• Review the link displayed on your device’s scanning app before you click.
Look for spelling errors, misplaced characters, and shortened web addresses, which are signs of a malicious website.

• Never enter sensitive information into a website you were directed to by a QR code unless you’re certain the site is legitimate.

• Always ask an employee to verify any QR codes posted in or around a business, and never scan QR codes placed in random locations.

Source: KnowBe4.com