Stakeholders in the cybersecurity space have pointed to data and information leakage among staff as key factors exposing organisations to cyber attacks.
The experts disclosed this at the Fraud Awareness Week 2025 hosted by UBA at the UBA headquarters in Lagos.
Bright Anyanwu, senior compliance manager & MLRO, West & Central Africa, Yellow Card, speaking during the panel session themed: Combating fraud risk and cyber theft in digital banking insists that data leakage from staff have contributed to the heaviest cyber attacks in organisations, especially financial institutions.
“We have a lot of GenZs in our organisation. If you break down your staff you find out that about 60 percent of them fall in that category. They share a lot of information both online and with their friends. They are not like the old ones that literally keep things to themselves.
“People are sharing a lot of data and that is why I said the biggest fraud risk in the bank is that which is caused by their own staff knowingly or unknowingly,” Anyanwu said.
He added that this is the reason most heaviest and successful fraud attempts are carried out in financial institutions due to internal leakage of information, warning that staff must apply all possible measures to ensure data protection and avoid information leakage.
Anyanwu also disclosed the need for compliance while bringing new products innovation to strengthen security.
“Today many banks are innovating in terms of product without carrying the compliance team along and this is where we get wrong.
“Innovation is important but we have to prioritise security around this.Security by design should be the mindset of every innovation.”
He warned that scammers are always busy sharing and designing templates which can put them a step ahead of targeted organisations, urging institutions to collaborate on protective measures, share ideas and continue to stay ahead of trends to curb cyber attacks.
Okedare Fiyinfolu, Director, consulting, Forvis Mazars said consistent manipulation of human behavior is also a big factor fueling cyberattacks, calling for more awareness and cyber intelligence.
“We must move from technical awareness to behavioral awareness. A customer must know how to respond to cyber threats.
“Fraud has taken a different shape in different countries, so education and awareness is very important. Cyber intelligence is very important and it has to be a continuous thing to protect the digital ecosystem of the country.”
According to him, it is also important to go beyond staff awareness to customer awareness, noting that most fraud attempts start from customers who are ignorant of cyberattacks before spreading to the bank.
“The manipulation even comes to customers and not only the infrastructure of the bank because customers serve as the first layer of defence and can even protect themselves, protect the bank and move from a victim mentality to actually defenders that can protect themselves and identify any form of scam as they come,” he added.
The stakeholders, however, call on regular awareness and campaigns at grassroots level to combat the rising case of cyber crime among financial institutions.
