National Bank of Kenya (NBK) on Friday said it had stopped an attempted multimillion shilling cyber transfer of deposits to mobile money accounts, a technique at the heart of massive bank theft locally and internationally.
NBK chief executive Wilfred Musau said the mid-tier lender caught the attempt quickly enough to halt movement of funds by the criminals.
“I confirm that there was an attempted fraud in normal course of business on January 17 but the bank monitoring and security resources frustrated the attempt,” Mr Musau said.
“The amount of attempted fraud is about Sh29 million and we are confident to recover all the cash.”
Unverified news circulating at the weekend had claimed large amounts had been stolen. He said customer accounts were not affected in the attempted heist but did not clarify whose accounts had been affected.
“Security forces are in pursuit of the fraudsters and investigations are ongoing, customer accounts have not been affected,” he said.
Banks have recently stepped up use of internet and app-based banking as they run away from the costly business of bricks-and-mortar.
The most popular part of the new apps USSD code transfers from bank account to mobile accounts given that the later has over 28.2 million active users.
The National Bank incidentally launched its app in September last year and has invested well in marketing is. The bank last September switched to the latest version of BankFusion Universal Banking (BFUB), a core banking software by London-based tech firm Misys. It said then the new platform also integrated Islamic banking functionalities.
Information Communication Technology Association of Kenya secretary-general Kamotho Njenga earlier said since most banks have embraced online financial transactions they have become soft targets for cyber-attacks.
Kenya lost about Sh18 billion to cybercrime in 2016, according to an ICT security survey conducted by the Kenya National Bureau of Statistics (KNBS) and the Communications Authority (CA).