The service allows users to get money from cash machines, even if they don’t have their bank card but unscrupulous thieves have stolen thousands of pounds by hijacking the mobile phone app which offers the service.
Around 1.7 million customers use the banking app from NatWest, which allows them to not just check their balance, but also pay bills and transfer money. However, part of the service also includes the innovative Get Cash initiative, designed to help out customers who need to access their money, but don’t have their card on them.
The system works by a temporary code being requested, which is valid for just three hours, during which time users can withdraw up to £100. The scheme is subject to a daily maximum to prevent users from simply requesting multiple codes.
But despite being launched to a great fanfare – not to mention a high profile TV advertising campaign – NatWest have been forced to admit the security is not as tight as it could be. For this reason, they have temporarily removed the Get Cash part of the banking app, but insisted it will be re-launched once security has been beefed up.
The attacks appear to have been carried out following on from ‘phishing’ episodes, where users were sent fake emails purporting to be from NatWest, which requested passcodes and personal information to be revealed.
Experts have suggested that all smart phones are equipped with anti virus software and that no key financial information or passwords are stored in the memory. Individuals have also been urged to refrain from using public WiFi systems to carry out transactions of a sensitive nature, such as financial, as the risk of being hacked by fraudsters is much greater.