Standard Chartered’s Consumer, Private and Business Banking (CPBB) business launched an internal phishing campaign to refresh colleagues’ awareness of this kind of fraud to further help protect clients. This comes at a time when latest stats from a variety of global sources show that phishing attacks are at an all-time high:
- Particularly targeting the wealthy: the richer you are the more likely you are to fall victim to financial scams (1).
- The National Cyber Security Centre (NCSC), a UK government organisation, received 12 million reported scams as of June 2022 (2).
- The international coalition Anti-Phishing Working Group observed 1,025,968 total phishing attacks in the first quarter of 2022 (3).
- The ENISA (European Union Agency for Cybersecurity) Threat Landscape 2021 report highlights that compromise through phishing e-mails remains one of the two most common ransomware infection vectors (4).
During July 2022, the first CPBB campaign of its kind ran various activities for employees globally, including situated in London, Dubai and Jersey, to participate in. They comprised interactive webinars featuring subject matter experts and three different brain training games to test phishing awareness across teams. Over 1,600 employees attended the webinars with a large majority feeling more confident in recognising and reporting phishing attacks than beforehand (25%). Additionally, 5,000 employees took part in the phishing games, with 75% obtaining a perfect score.
The campaign compliments fraud resources CPBB already has in place for employees and clients, such as a dedicated fraud information section on the Bank’s internal website, fraud awareness emails and texts sent directly to CPBB clients, transactions monitored across all channels for any indications of activity that may not be aligned with a client’s usual financial behaviour and client text alerts for all payment activity.
Three top tips we highlight to our clients are, emphasising to contact our Client Care Centre or Relationship Manager.
1. Never respond to requests for your password or PIN. Standard Chartered will never ask for your PIN or password. Such requests are likely to be from fraudsters.
2. Look out for email addresses that look suspicious. Check for minor changes, such as email@example.com instead of firstname.lastname@example.org.
3. Don’t click on unknown emails or websites containing links, nor respond to SMS texts. They may contain malware designed to spy on your online activities or steal your information.
Based in Jersey, Gary Taylor, Chief Operating Officer for Europe, Standard Chartered Private Bank, said: “Anyone can be a victim of phishing, no matter where they’re located or how much wealth they have, and private banks have an important role to play helping their clients stay safe against fraudsters.
“Regular and current employee training is essential to raise awareness and prevent phishing attempts, and it’s important that the Europe team participated in the phishing campaign to help give our wealthy clients confidence their personal data is protected.”
Note: What is phishing? Phishing attacks are a means to persuade potential victims into divulging sensitive information such as credentials, or bank and credit card details. They involve a combination of social engineering and deception. The attack usually takes the form of SPAM mail, malicious websites, email messages, or instant messages, appearing to be from a legitimate source such as a bank, or a social network.
(4) ENISA Threat Landscape 2021 — ENISA (europa.eu)