Netherlands Financial Institutions Brace for Increased Cybercrime Threats: What Consumers and Industry Players Can Do

Amidst a surge in digital innovation, cybercrime poses a growing danger to the Netherlands’ economy and financial system. In this article, we discuss the risks, common cybercrime jargon, and preventive measures for both consumers and financial institutions.

Risks for Consumers and the Financial System

The convenience of digital payments and online banking has significantly increased in popularity, but this advancement has also given rise to new types of crime. With cybercriminals increasingly targeting consumers and financial institutions, the number of successful attacks on banks doubled between 2018 and 2020. Recently, 5% of pension funds and insurers reported becoming victims of cyberattacks in 2021. These attacks can result in the theft of large sums of money or customer data, causing major disruptions and potential collateral damage to other financial institutions. In the worst-case scenario, a cyberattack could disable all electronic payments, causing significant damage to the economy and society.

Understanding the Cybercrime Lingo

• Spoofing: Criminals pose as someone else, often mimicking a bank’s website or telephone number.
• Phishing: Cybercriminals use deceitful websites or emails to trick individuals into divulging their bank login details.
• Smishing: Phishing via text messages (SMS).
• Ransomware: Cybercriminals take control of a computer and hold it hostage, demanding payment in exchange for restoring access.
• DDoS Attacks: Overwhelming a website with massive amounts of traffic to make it unavailable.
• Malware: Malicious software allowing cybercriminals to access or harm a computer.

What Consumers Can Do to Protect Themselves

Given the risks, it is essential for individuals to take precautions to prevent becoming a victim of cybercrime. Here are a few crucial steps to safeguard your digital transactions:

1. Never share login details with anyone: over the phone, via email or through third-party channels, except as prescribed by your bank.
2. Install the latest security updates: for the banking software on your laptop, tablet, or smartphone.
3. Review bank statements regularly: for unauthorized transactions.
4. Report any suspected incidents: to your bank promptly and follow their instructions.

Stay informed about best practices to protect your digital footprint by visiting the following Dutch resources:

• Veiligbankieren.nl
• Alertonline.nl
• Veiliginternetten.nl

What Financial Institutions are Doing to Combat Cybercrime

Financial institutions are equally invested in securing the online banking landscape. Each year, they invest significant funds to safeguard their systems against cyberattacks and collaborate closely with law enforcement agencies. Additionally, they share threat information and join forces to educate the public, as shown through the successful Dutch information campaign on secure banking. Some resources for more information include:

• Dutch Banking Association
• Dutch Payments Associations

What DNB is Doing to Fortify the Financial System

At De Nederlandsche Bank (DNB), we are dedicated to maintaining the stability of our financial system and economy. Given the increasing threat of cybercrime, we focus on ensuring that financial institutions remain resilient:

1. Regular test attacks: We perform regular test attacks on banks and other financial institutions in our core payments infrastructure to evaluate their cybersecurity defenses using the TIBER (Test ICT Branche Infrastructure Resilience) programme.
2. Crisis drills: We collaborate with financial institutions on crisis drills to practice responses to severe disruptions of the payment system due to cyberattacks.
3. Supervision: As part of our supervision, we check that financial institutions effectively manage their IT, including cybersecurity, for vital institutions like banks and critical links between shops and banks.
4. European collaboration: We work alongside financial institutions and the government to share information and provide input for European laws and regulations addressing emerging cybersecurity risks, such as increased outsourcing of IT processes.

Besides cybercrime, securing online privacy is essential, especially as individuals share their personal data with financial institutions and other firms. Financial institutions can only share your data with your consent under the revised European Payment Services Directive (PSD2). For more information, please visit our PSD2 page. The Dutch Data Protection Authority monitors and enforces data protection laws.