Observing the mobile phone PIN or password and stealing the phone is a common attack method.
Attack Method
- Observing the victim while entering the PIN/password on his phone
- Stealing the phone (from his pocket, bag)
- Entering bank applications
- SMS verification codes on the phone
- Account dumping
Related Crimes
- TCK art.245 bank card crimes
- TCK art.158/1-f IT fraud
- TCK art.142 theft
- TCK art.135 personal data
Prevention
- Look around while entering PIN
- Face recognition/fingerprint preference
- Password long and complex
- Bank application additional password
After Victimization
- Call the bank and block all accounts
- SIM card freeze
- Change all account passwords (mail, social media)
- Complaint to the public prosecutor's office
- EGM Cyber Crimes
Bank Liability
- If 2FA is not used, the bank is partially responsible
- If the anomaly detection system is insufficient
- SMS verification is insufficient
Supreme Court 11. HD
11. HD adopts that the sharing of responsibility between the bank and the customer will be determined according to the "security infrastructure".
IT and bank lawyer is recommended.