Fraud - How does this work? Insider workings?

Shake&Bake

Party Liaison
Joined
Jan 19, 2007
Messages
22,254
That's the part I don't get though, how did they do R16k if the daily limit is R5k? Sounds like they took all the money in one day.

I'd hazard a guess.

Reading this:

Capitec Bank client payments up to R5 000

Makes me wonder if that is per client or an amount in total.
It lends itself to be interpreted as being "per client" to me.

Thinking of it like that, then they could've moved the money to 4 accounts in 3 batches of R5k and then the balance to another account.
 

HavocXphere

Honorary Master
Joined
Oct 19, 2007
Messages
33,155
Limits are usually per day. Having it per recipient would make little sense. Not sure what they mean by "client" though.
 

Shake&Bake

Party Liaison
Joined
Jan 19, 2007
Messages
22,254
huh? I hope "mobile banking" includes online via PCs...not just mobile.

Phone only for Mobile banking.

The only transfer that can be done via mobile banking, is to another Capitec client, to a mobile number that is verified on Capitec's systems.
No other transfers can be made to other banks via MB afaik.
 

KalMaverick

Expert Member
Joined
Apr 7, 2010
Messages
1,878
huh? I hope "mobile banking" includes online via PCs...not just mobile.

With Capitec you get two options besides normal banking:

Mobile banking = Cellphone banking

In other words you dial a number on your phone and it brings up a menu and you can do certain things through the menu. One of those is buying airtime and paying Capitec clients.

Internet banking

In other words you log in through Capitec's online banking website and do whatever, you can of course do more with internet banking than with mobile/cellphone banking but of course you need either authenticator app on your phone or a physical authenticator.
 

KalMaverick

Expert Member
Joined
Apr 7, 2010
Messages
1,878
How do you brute force a bank pin? It only gives you 3 attempts

Capitec has a bank PIN (for use with ATMs and in the bank) and a mobile banking PIN (just for mobile banking). These are two separate PINs but I guess a lot of people use the same PIN for both.

Most likely (not sure though) the mobile banking PIN does not have a limit on attempts (or they got lucky and using the person's DOB worked).

EDIT: Anyone brave soul willing to test it for interest's sake?
 
Last edited:

MKFrost

Expert Member
Joined
Oct 23, 2012
Messages
3,837
EDIT: Anyone brave soul willing to test it for interest's sake?

Just tried it. Blocked my access after the fifth wrong attempt. Also received an SMS afterwards with message: "Your Mobile Banking Pin was suspended. Visit your nearest branch to reset."
 

R13...

Honorary Master
Joined
Aug 4, 2008
Messages
46,547
Just tried it. Blocked my access after the fifth wrong attempt. Also received an SMS afterwards with message: "Your Mobile Banking Pin was suspended. Visit your nearest branch to reset."

5 times is too much time really lax security there Capitec
 

KalMaverick

Expert Member
Joined
Apr 7, 2010
Messages
1,878
Just tried it. Blocked my access after the fifth wrong attempt. Also received an SMS afterwards with message: "Your Mobile Banking Pin was suspended. Visit your nearest branch to reset."

Thanks! Sorry it got blocked though.

The only thing I can think of then is they guessed his PIN started with 19.
 

MKFrost

Expert Member
Joined
Oct 23, 2012
Messages
3,837
Internet banking still works fine so happy with this. Mobile banking [which I do not use] now blocked.
 
Top