Following the recent circulation of a voice note in which a customer shared their experience after being
defrauded of J$31,000 through a ‘vishing’ attempt by scammers, National Commercial Bank Jamaica
Limited (NCB) has urged customers to stay vigilant against fraudsters while seeking to clarify what it said were a number of incorrect allegations made about the Bank’s operations.

In the now-viral voice note being shared on instant messaging platform, WhatsApp, the customer recounted how she unwittingly divulged personal and private information to a fraudster, who called purporting to be an employee of NCB’s BPO service provider, which assists with providing customer service to the Bank’s customers.

NCB, in a release, sought to reassure customers that the allegations that NCB had ‘turned over’ customers’ banking information to a call centre were false and misleading as, the Bank said, it has remained unwavering in its commitment to protecting its customers’ data.

“It is unfortunate that so many banking customers worldwide continue to fall victim to scams like vishing,
phishing and smishing,” said Dane Nicholson, manager of special investigations in NCB’s Fraud Prevention Unit.

“This is where fraudsters are calling, emailing and texting them, and getting them to disclose their personal details, which are then used to gain access to their bank accounts. These fraudsters are always being creative and finding new ways to fleece unsuspecting customers out of their money, but the strategy is usually the same. So we need customers to be more vigilant in protecting themselves and their money.”

Added Nicholson: “We need customers to understand that they should always be wary of unsolicited emails, calls and texts raising alarms about their accounts, and requesting their personal, private information to ‘fix’ the issue. This is always a red flag!”

He noted further: “NCB does not send customers emails or text messages requesting them to click on any link to take action. NCB maintains a no click policy so that it is easy for customers to identify and protect themselves against phishing and smishing attacks.”

According to Nicholson, neither NCB nor its service providers would ever contact a customer to request
information such as their user name, PIN, token code or answers to typical security questions like ‘date of
birth’, or ‘mother’s maiden name’.

“While we ask customers to verify their identity by answering security questions when they call our Customer Care Centre, we never make unsolicited calls or send messages requesting their private information. Customers have to call us first, or request a call-back from us, which will only come from our approved customer contact numbers,” Nicholson added.

NCB lists its approved contact numbers as:

• 876-618-5622, 876-929-4622
• WhatsApp message only (no calls): 876-469- 2230
• Surveys only: 876-728-7030
• Whatsapp Chatbot: 876-613-9160
• Collections Chatbot: 876-613-9147

“In instances where customers need assistance to re-sync a security token, our agents will ask them to share the token code. However, customers have to be the ones to call us first to request assistance with
this.”

Nicholson clarified also that NCB’s customer service providers are contractually obligated to the same
level of privacy and confidentiality as all other employees of the Bank, and all measures are taken to
ensure that customer data accessed by agents cannot be shared outside of the organisation. These
include the use of a paperless environment, where mobile phones and other recording devices are
prohibited, and all calls are monitored.

He said further that customer details such as their passwords and PIN numbers are not accessible to anyone in the organisation, or its service providers.

He added: “We have invested billions of dollars in tools to protect our customers against fraud. However, the most important defence is each individual fiercely protecting their information. It doesn’t matter who it is – do not share your PIN, password or other personal details with anyone. Never let anyone rush you into sharing these details either – if you are in doubt, get in touch with us and we will verify if there is any issue with your account.”