Transferring and receiving money digitally in a matter of minutes sounds like the perfect scenario, but when it all goes wrong, it can leave you with nothing but an empty bank account. Peer to peer payments are on the rise and by 2021 the nation is set to transfer more than $240 billion via apps and online services.
However, the alarming news that Zelle, which is partnered with 60 of the country’s financial institutions, has been hacked and consumers have lost thousands of dollars after cybercriminals cracked and changed passwords to gain access to their bank accounts is worrisome.
Zelle is marketed as an app which makes transferring cash to your friends and family fast, safe and reliable. Yet, this is not the experience which many individuals have experienced and individuals who have never signed up to Zelle are reporting that their cash has been stolen via the app.
Wells Fargo customer, Brad Miller, lost $2,500 after receiving a notification that his online banking password had been changed and that a new recipient had been added to his Zelle account – an account he didn’t create.
He then received confirmation that the money had been transferred to the named recipient and that there was nothing he could do to stop it. Thankfully, his bank refunded the cash to him, but not everyone is so lucky.
With Zelle, transferring money from one person to another is as simple as typing in the recipient’s cell number or email address and pressing send. It may sound easy, but this is where a major vulnerability lies.
Accidentally typing in one digit or letter incorrectly can make all the difference as Loni Frankland’s daughter, Devin, discovered when she ended up sending her cash to a stranger in Georgia after mistakenly typing her landlord’s first and last name in the wrong way round.
The mother and daughter notified their bank instantly, but Frankland claims they were unable to help and as a result, Devin lost her cash.
Keith Barthold, an expert in Cybersecurity states that hackers are accessing consumer’s bank accounts by using their email addresses and cell phone numbers.
“It’s directly tied to your bank account, and if someone is in it, they’re able to very quickly and irreversibly transfer money from your account to another.”
Therefore, it’s vital that these apps are used with caution and should you notice anything suspicious with your finances or receive any unexpected emails or notifications from your bank, that you immediately take action in a bid to stop your cash from being stolen
A spokesperson from Early Warning the company behind the Zelle Network said, “I wanted to clarify that Zelle was not hacked. In the cases reported, online banking credentials appeared to have been compromised. In these cases, the consumer works with their banks to report unauthorized activity and begin an investigation.”
Zelle has stated that financial institutions must verify that their customers have control of their email address and cell number through verification codes, therefore, it’s vital that checks are done to ensure that all banks are adhering to these rules and that this system is working effectively.
Additional checks for users also need to be introduced, such as two-factor authentication to give people the opportunity to double check that the information they’ve entered is correct and to confirm that they do wish to proceed with the payment.
The enrolment process for connecting to peer to peer transfer apps should be reviewed in finer detail too and as a user, you should ensure you should stay on their guard at all times and regularly review your finances.
As the above cases show, Zelle have left themselves open to attacks by hackers and similar apps as just as vulnerable. Thousands of the nation’s money has been callously taken, so, it’s important that the financial institutions closely linked to these apps carefully review their processes and security.
Individuals should take responsibility too and think wisely before using this technology and always double check the data they input when transferring money.
A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious actors…
SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce shoppers…
The research revealed how threat actors exploit SEO poisoning to redirect unsuspecting users to malicious…
Black Basta, a prominent ransomware group, has rapidly gained notoriety since its emergence in 2022…
CVE-2024-52301 is a critical vulnerability identified in Laravel, a widely used PHP framework for building…
A critical vulnerability has been discovered in the popular "Really Simple Security" WordPress plugin, formerly…