Vodacom at centre of banking SMS scam
Vodacom subscribers scammed out of R 2.4 million; cellular provider dodges questions about safety of SMS banking
Vodacom at centre of banking SMS scam
Vodacom at centre of banking SMS scam
Vodacom subscribers scammed out of R 2.4 million; cellular provider dodges questions about safety of SMS banking
Will VC compensate those defrauded the easy way, or will a few lawyers need to be enriched before the fraud victims will be compensated?
South Africa needs World Class Broadband at World Competitive Prices.
this is such rubbish... big companies getting away with murder as always... so sad!
Better to Live 1 Day as a Lion then 1000 Years as a Sheep
secure from any third party? like Vodacom employees?Vodacom did warn that “due to the immediacy of online banking, consumers are reminded to keep their online banking details secure from any third party”. This advice is however unlikely to put Vodacom subscribers’ minds at ease when the cellular provider itself was partly to blame for the security breach of their clients’ accounts.
also want to know if Vodacom will pay back the money stolen with the help of their employee? (their employee's help was presumably key for the scam to work)
deduct the money from the director's salaries, or the managers in charge of security
Jacques
CT
Surprise surprise - inside jobs are not as uncommon as people would like to believe... it happens at banks, why should it not happen at your phone provider?
ID Theft etc is more likely to happen at the phone provider IMO - they don't have to toe the line like the banks do. They simply shrug it off and carry on.
.
This might be a little bit OT, but why does she not change her name to something like Slash Park, or Comma Meadow? I'll think even Hyphen Lawn is a better option....“Vodacom has implemented additional security measures, to ensure that this type of fraud does not happen again,” said Dot Field
Anyways - that is on a lighter note. Not all is gloom and doom ya know.
You can do something for love, you can do something for money, but there is nothing as satisfying as doing something out of spite - Jeremy Clarkson, 1993
Its not south african enough Roux...
How about Punt Veld
.
Every day when you log on to your banking site you expose yourself to a man in the middle attack [through SSL]. Sure, it's a lot more difficult to impliment but conceptually it's the same thing [in a way at least].
It's a risk we're all fairly comfortable to live with, since, not much can be done about it because at the end of the day, someone will still have access to whatever is being protected. The only safe way of dealing with information is not to tell anyone, not to write it down and not to need it. Clearly we need this, so in this instance we'd have to put our faith in Vodacom to minimize the risk of it happening again and to work with the SAPS [and others where needed].
More importantly I'm happy that the employee has been taken into custody and that he/she is ultimately held responsible for this fraud, to me, it's the positive in this case.
No comment from VodacomData?
Opinions are like A-holes, everyone has one.
Actually, a verified and TRUSTED SSL certificate is provided by a company where the employee's are actually physically separated from each other, and the knowledge required to duplicate one certificate would require at least 3 employee's to work together at great risk and with obvious procedural changes.Originally Posted by Lazy
The entire layout and flow and process of a TRUSTED company, and the audit processes are something to be admired.
Perhaps it's time we took a contract out on Murphy.
Ah - of course yes - that is much better. Komma Parkie is also a good one I think.
Wonder why.... Where is he at right now?
Hy wou daar kom....
You can do something for love, you can do something for money, but there is nothing as satisfying as doing something out of spite - Jeremy Clarkson, 1993
There are various ways of implimenting man in the middle and all of them have very stingent requirements. But lets not get sidetracked with hacking techniques, I'd enjoy it too much and derail the thread completely.
My point was that even if the company has proper auditing, is to be trusted etc etc, at some point in the process someone will still be involved at a low-enough level to have access to some form of data that can be harmful. It's unavoidable really. The checks and balances need to be in place to detect that as soon as possible, which is not always easy either.
Which is why I'm happy they have the suspect in custody, because it means that the process is good enough to identify the culprit, which is well above what would probably be minimum requirements to be [fairly] responsible.
I have always said that SMS banking is stupid...they are way too easy to hack! I want our banks to get OTP tokens! From a quick google there is even an SA group that is doing this. www.fireid.com.
I also hate recieving like 5 SMS's when I log into absa banking to do a transaction. then I have to spend like 30 seconds deleting all the messages after I'm done.
confused about going to vodacom or staying at mtn, either way you lose money.
Always be wary of the Software Engineer who carries a screwdriver.
Yep yep yep!
But .. I am still wondering if any have managed to slip through the cracks.
We're not receiving assurances to that song yet.
Perhaps it's time we took a contract out on Murphy.
Posting Permissions
Reply With Quote
Bookmarks