TheJakartaPost
Please Update your browser
Your browser is out of date, and may not be compatible with our website. A list of the most popular web browsers can be found below.
Just click on the icons to get to the download page.
Fighting social engineering in financial services
Financial literacy is defined as knowledge and skills that influence a person’s attitude and behavior to improve the quality of decision-making and financial management.
Change Size
Fighting cybercrime: Women use their smartphones at a cafe in Jakarta on Jan. 3, 2018, the same year Indonesia set up a new cyber agency to fight hoaxes, hate speech and extremism spread online. (AFP/Bay Ismoyo)
T
he Financial Services Authority (OJK) issued on Dec. 20, 2023, Regulation (POJK) No. 22/2023 on consumer and public protection in the financial services sector, which outlines the guidelines and strategy to prevent social engineering.
The phenomenon of social engineering was one of the highlights of the financial services sector in 2023. The OJK recorded that 72,618 out of the 1,116,175 consumer complaints it addressed in the first half of last year were to do with social engineering and other fraud.
Social engineering is a method of fraud that manipulates psychological aspects and takes advantage of human error factors to obtain access to data or information that is personal and economically valuable.
According to the OJK and British management consulting firm PricewaterhouseCoopers, social engineering works through narratives that (i) include the use of false names or identities, (ii) attract interest or curiosity, (iii) induce fear or threats and/or (iv) create a sense of urgency.
Therefore, it encourages someone to provide access, data or personal and economically valuable information, such as bank accounts, credit cards and other assets. Social engineering also encourages humans to act irrationally and impulsively and not to make enough precautionary efforts to prevent mistakes, omissions and human error.
Social engineering is a phenomenon that has been around for quite some time. One example is the text message lucky draw scam. However, social engineering still causes losses and poses a threat to society today in the digital era due to the constant evolution and innovation of the actors and methods, in parallel with the development of technology and information.
The OJK reported that the value of losses due to social engineering and other fraud from 2017 to 2022 amounted to Rp 138 trillion (US$8.8 billion). One example of the most recent development in social engineering practices is the Android package kit (APK). In January 2023, the Directorate of Cybercrime of the National Police arrested 13 perpetrators of social engineering crimes who used APKs modified to resemble wedding invitations. This method allowed them to access and loot the mobile banking and digital wallets of 483 victims, amounting to Rp 12 billion.
