Cybersecurity failure: my experience

in Hive Learners4 months ago

One thing I have come to realize over the years is that we always end up with new problems while trying to solve a problem. What do I mean? Back when the Internet was still in its infancy, we didn't hear a lot of cybersecurity stories but as technology improved and the old way of doing things became easier, we now have another problem to worry about; keeping ourselves safe in the digital space. I remember how in Nigeria, internet banking wasn't that common because a lot of people didn't have access to the Internet back then, cybercafes were still a thing but people didn't bother to use them for banking services.

So, banking services were done in the more traditional way; visiting the bank for whatever you want to do. Over the years, mobile banking has become more popular as people can easily carry out transactions through their bank's mobile app or USSD codes. That makes things a lot more convenient but also introduces a higher risk of losing all the money in your account if you're not careful. Aside from mobile banking and its risk, social media also has a similar risk in the sense that fraudsters and hackers can hack into your accounts and do whatever they want with it.

Two of the most popular social media platforms where these hacks are commonly carried out are Facebook and Twitter. I have friends that have lost their Facebook accounts to hackers and they couldn't recover it. Of course, this problem exists in other social media platforms like Instagram, WhatsApp and even Discord but it isn't as common as the two I mentioned earlier. Speaking of Twitter, my experience with a cyber security failure is directly tied to Twitter and this happened last year, during July.

I was in my final year at the university and doing my final project, so I was broke during this period. I had around 5k in my account and I tried to withdraw it from a POS agent but unfortunately, the transaction didn't go through and I was still debited. Kuda bank usually reverses such failed transactions within hours but I waited for 2 days and I didn't see any reversal. I later got 20k from one of my investments and I withdrew 5k, leaving 15k in my account. I have reported to their customer care email so many times but I never got any reply, so I decided to bring the problem to their Twitter account.

I looked for one of their Twitter posts and made a rage comment about my 5k that they have refused to reverse. They replied to me within a few minutes and told me to chat with them on Whatsapp. I was happy that I was now getting a fast response, so I immediately messaged them on Whatsapp. They gave me a form to fill, and there they asked for my pay ID. I didn't even know what pay ID was but luckily, there were instructions on how to get it, so I went to my bank app and copied the pay ID, added it to the form and submitted it. I patiently waited for the resolution and after a few minutes, I got a bank alert

I was excited but when I looked at the alert very well, the excitement died. Instead of a credit alert, I got 2 debit alerts, and that was how my account was emptied. I couldn't believe my eyes and I immediately knew that the way they got into my account was through that pay ID, so I went back to the bank app to actually see what the pay ID does. That's when I realized that it's a way to pay for something online without using a debit card. And you know what is crazy? On the exact page where I copied the pay ID, there is a strict warning which you can see in the screenshot below.

"Kuda will never ask you for your pay ID" but I didn't even see that initially or maybe I ignored it. It was after the hack had happened that my eye was now cleared 😅 Do you know what is crazier? The Twitter post where I made that comment and got contacted by the scammer was talking about this pay ID and warned to never show it to anyone because it's just like a password. I fell victim to the exact thing they warned me twice for. Because I wasn't patient enough and was trying to get back the 5k, I ended up losing 15k. After that happened, I finally calmed down and the money was eventually reversed to my account after 4 days but unfortunately, I have already lost 15k.

That experience taught me that you can never be too careful when it comes to cybersecurity. I'm someone that is always careful about my digital details and I know most of the ways scammers operate but unfortunately, I didn't see that one coming. I always believed that as long as you didn't expose your password or send any otp code to a random stranger who is pretending to be calling from your bank, then your bank account can't be hacked into. I had to learn the hard way that pay ID can be used to access the money in your account as well, and I would have realized that if I hadn't rushed to get that issue resolved and failed to notice all the red flags.

Anyway, I learned a good reason from that incident and one thing I used to console myself back then was that it could have been worse and that is because my school fees were initially in that account but I moved it to another one a few days earlier. Also, I had another account where I kept all the money budgeted for my final project, it would have been crazy if I kept all my money in that account, and that's why I'm glad that I always keep money in different bank accounts. That was the first time something like that happened to me, and it made me realize that it can happen to anybody.

Bonus

Since we are on the topic of cybersecurity, my fellow Nigerians, do you know that your NIN and BVN details are being sold online for as little as N100? I came across the news a couple of months ago and it's a website called "AnyVerify", where anybody who knows your full name can just pay N100 and get your entire details, including BVN, it's crazy, right? The website has probably been taken down by now but this is not even the first time, a similar one was exposed last year and who knows, maybe others still exist. In conclusion, your identity is available online for a cheap price, and anyone can get access to it and do whatever they want with it, maybe to collect a loan or something worse.

Thanks for reading

Connect with me on:
Twitter: @kushyzeena
Readcash: @kushyzee

Lead image: Created with Canva
Second image: Image by DC Studio on Freepik
Third image: personal screenshot
Fourth image: Image by DC Studio on Freepik
Sort:  
 4 months ago  

woah, this experience of your Kuda bank got me laughing at some point, lol. You really had a lost there but it taught you a lesson of patience. Your content are educative friend and I enjoyed reading this piece.

 4 months ago  

I have now learned to calm down and be patient when it comes to matters concerning money 😅 thanks for stopping by

 4 months ago  

You must have being so pissed at yourself for not noticing the warnings. Leaving a complain on X is a common thing so scammers have found a way to clone account like that of any bank's customer service account and also chat with you in the same manner the real account does.

It's crazy that's a random person can get someone else's NIN, crazy things are happening .

 4 months ago  

When I lost the 15k, what even pained me the most was that the signs were there but I totally ignored them and fell for a ridiculous scam. Anyway, I have learned my lesson, thanks for stopping by

 4 months ago  

Finding out that the signs were there but you didn't see them would surely make you more pained.

You're welcome chief.