Banks cautioned over online scam by hackers  

The government has asked the management of state owned commercial banks (SoCBs) to be highly cautious and take necessary steps to avoid any online fraudulent activities by hackers, official sources said.

The ministry of finance (MoF) alerted chief executives of SoCBs at a recent meeting while reviewing the safety measures of online transaction system of banks, they added.

bbThe caution came following detection of forgery of US$0.25 million of Sonali Bank Ltd by hackers through hacking SWIFT (Society for Worldwide Interbank Financial Telecommunication) message.

“We have asked the bankers to be very cautious in handling online transaction system to avoid any incident of forgery by hackers,” a senior MoF official told the FE Monday.

He said hackers are very much active in online platform to intrude into online transaction system of banks and financial institutions to take away money.

“We also asked the CEOs of the banks to take necessary measures to keep online transaction system secured,” the official added.

The MoF also asked the Sonali Bank Ltd and its entity in the United Kingdom recently to equally bear the loss of US$0.25 million incurred due to an incident of hacking SWIFT account by hackers.

In June last year hackers swindled the money through hacking the SWIFT password of two officials of Sonali Bank’s Shilpa Bhaban branch in Dhaka. Hackers sent a false SWIFT message from the said account to Sonali Bank UK asking to transfer $0.25 million to a bank account based in Turkey.

After receiving the message from Dhaka the Sonali Bank UK issued a payment instruction to Natwest Bank PLC London in favour of M/S Durdu Topcuoglo of Besiktas branch of Turk Ekonomi Bankasi AS.

The forgery was detected immediately and a day after the payment was made in favour of beneficiary, the Sonali Bank requested the Turkish bank to return the money.

However, the money could not be given back since the beneficiary withdrew the money just after his bank account was debited.

The concerned officials of Sonali Bank’s Shilpa Bhaban branch informed the bank authority that they did not send the SWIFT message. The Mumbai-based SWIFT solution service provider Nelito System Ltd informed the Sonali Bank authority that the internet protocol address which was used to create the SWIFT message was based in London.

Sources said after the incident the bank authority took various steps to recover the money and sought help from different institutions. The Computer Science and Engineering Department of Bangladesh University of Engineering and Technology (BUET) was engaged to carry out technical examination to check how the incident happened.

The Banking Regulation and Supervision Agency (BRSA) of Turkey advised the Sonali Bank authority to file case against the beneficiary of the account in Turkey to recover the money.

However, the Sonali Bank authority is yet to file a case since the legal advisers opined that recovering the money through filing case in Turkey will be very costly and time consuming. They also said expense of litigation may surpass the amount swindled by hackers.

Another MoF official said since the incident occurred due to mistakes of both the Sonali Bank and its UK entity and, therefore, the duo have been asked to equally bear the loss.

He said the incident could have been avoided had the officials of Sonali Bank UK acted cautiously and rechecked the SWIFT message with the Shilpa Bhaban branch before making payment instruction.