Many Ugandans are complaining of losing their hard earned money that has been banked in different Ugandan banks. I posted this elsewhere in response to a question on why some customers of centenary and equity have been losing money. I thought a couple of less tech savvy Es herein might find it helpful too:

Running some of these institutions (especially the tech side) is harder than you might expect. There are so many potential loopholes. These guys try their level best but sharp hackers and social engineers (like the one that connived with an employee) always find their way. Let’s look at all other businesses. You close one loophole your employees are using to steal your money and the following morning they create another one. This is the vicious cycle many entrepreneurs are in. Unfortunately, Ugandans are so lax about cybersecurity which makes it easier to compromise systems and take people’s money.

Take for instance, of the people that use mobile banking, how many of us here use our nicknames, date of birth, or even the word “password” as your password? How many of us access this sensitive data using public WiFi?

How many of us log into these platforms and use the “save password” feature so that you do not manually input the password every time you want to access your money? Imagine your phone is stolen or “borrowed”. Wouldn’t someone access all your bank details without your knowledge?

Others save their bank password on their Google account. What happens when your Google account is compromised or just accessed erroneously? Let’s assume for a second that your Google account is your safest place.

Why, then, do you log into a random friend’s or cafe’s computer and you don’t log out? Do you know one can use that to access all your saved passwords? I demonstrated this to a friend a few weeks ago. She borrowed my computer, logged into her Google account and didn’t log out. I was able to use just that one loophole to access her debit card details, netflix password, dstv password, password to her second Gmail account (which had more sensitive personal and org data) and her work contract in her presence. This was the quickest cybersecurity lesson. No hacking involved! She’s more careful with her details now.
Remember, I’m not a hacker. I was just using basic bypasses. It could have been worse!

Let’s talk about your bank debit cards. Why do you share the CVV (number on the backside) with other people? The moment someone has your debit card number and CVV, they can make any transaction they want with your card. I know some banks add the extra layer of calling them to approve any transactions but most people instruct then to open their cards indefinitely. So, this makes it easier for unscrupulous people to access your money.

As you can see, it’s not always the banks fault that our money is stolen (of course sometimes it is). So, we need to play our part too. Most of these don’t necessitate someone to have advanced hacking skills like we see in movies. It’s just simply taking advantage of your carelessness. I hope this helps a person or two whose money was at risk of “disappearing” soon.