Cybercrime is becoming increasingly common. This is dangerous for you as a consumer, but also for the economy and the financial system. Below, you can read what you can do against cybercrime and what we do at De Nederlandsche Bank (DNB).
Risks for you as a customer…
Digital innovations make life easier when you make payments and do your banking. For example, you can immediately transfer money or pay for your groceries using our card, smartphone or wearable. At the same time, digitisation has led to new types of crime. Consumers are an important target. Criminals try, for example, to gain access to your bank account by means of phishing. While the number of victims of more conventional types of crimes, such as burglary and theft, has steadily decreased in the Netherlands, an increasing number of people fall victim to cybercrime.
…but also for our financial system
Cybercriminals target not only consumers but also financial institutions. The number of successful cyberattacks on banks doubled in the period 2018-2020. 5% of pension funds and insurers were victims of a successful attack in 2021. Cybercriminals try to steal large sums of money or customer data from them. They may also try to put financial institutions out of operation by means of a cyberattack. This could in turn affect other financial institutions. In a worst-case scenario, all electronic payments would be down. This would cause serious disruption to our economy and society.
Ransomwhat? Frequently used jargon
Spoofing Criminals pose as someone else, for example by mimicking your bank's website or telephone number.
Phishing Criminals use falsified websites or emails to obtain your bank login details.
Smishing Phishing using text messages (SMS).
Ransomware Criminals effectively take your computer hostage by making it unusable and demand a ransom.
DDoS attack Someone directs a massive amount of traffic to a website, so that it goes down.
Malware Harmful software that allows criminals to access or damage your computer.
What you can do against cybercrime
All in all, cybercrime poses serious risks. Fortunately, there are several things you can do to prevent becoming a victim. A few examples:
- Never disclose your login details to anyone over the phone, by email or any way other than prescribed by your bank. Your bank will never ask you to share your login details by phone or email.
- Make sure you always install the latest security updates of the banking software on your PC, tablet or smartphone.
- Regularly check your bank account for unauthorised transactions.
- Report incidents to your bank immediately and follow its instructions.
And there is much more you can do. You can find more information on the following websites:
What the financial sector does against cybercrime
Financial institutions also work hard to fight cybercrime. Each year, banks and other financial institutions invest millions of euros to safeguard the security of online banking and other applications. Working closely alongside the police and law enforcement, they also share information among themselves and join forces to educate the general public, such as in the information campaign on secure banking (Dutch only).
What we do against cybercrime
At DNB we are committed to safeguarding the stability of our financial system and our economy. We too are doing much to ensure that financial institutions are resilient to cybercrime:
- We test whether banks and other institutions in the core of our payments infrastructure can withstand cyberattacks, using a programme of test attacks. This TIBER programme was conceived by DNB, but the AFM and other central banks in Europe have also rolled it out.
- We also hold crisis drills with the financial sector on a regular basis to practice our response to fictitious severe disruptions of the payment system, caused for example by a cyberattack.
- As part of our supervision, we also check whether financial institutions adequately manage their IT, including their cybersecurity. This concerns institutions such as banks but also, for example, firms operating as a link between a shop and your bank. We expect them to have their payment systems up for nearly 100% of the time. If a financial institution has shortcomings, we discuss these or may impose specific measures.
- We work alongside and share information with financial institutions and the government.
- We provide input for European laws and regulations. For example, a current trend is that financial institutions outsource their IT processes to an external party, giving rise to new security risks. This is why the European Commission is considering the need for new rules, including on supervision.
Besides cybercrime, online privacy is a subject of vital importance. As you share your personal data with banks and other firms, they must handle those data securely and with due care. Financial institutions can share your data, but only with your express consent, under the revised European Payment Services Directive (PSD2). For more information, go to our PSD2 page. The Dutch Data Protection Authority supervises the processing of personal data.