ABSA has no security weaknesses which assist SIM swap scammers to conduct Internet banking fraud, and it is likely that all SIM swap fraud victims have fallen for a phishing scam. This is according to Adrian Vermooten, head of digital banking at ABSA.
Over the last two weeks there were numerous reports about SIM swap and Internet banking fraud, with ABSA featuring prominently in most of the reports. This raised concerns from ABSA customers about the bank’s security.
Vermooten explained that it is pure coincidence that ABSA was mentioned in all SIM swap fraud cases.
He said that SIM swap fraud is definitely an industry problem rather than an ABSA specific issue.
Vermooten said that the fact that ABSA has many older Internet banking customers, and the fact that it has the most customers, may play a role in the higher prevalence of ABSA fraud reports.
All SIM swap victims fall for phishing scams: Vermooten
Vermooten said that he is confident that all SIM swap and Internet banking fraud victims have divulged their online banking details to scammers though a phishing scam.
He said that their forensic investigations conclusively proved that 90% of victims fell for a phishing attack.
Vermooten explained that while they could not prove that the other 10% fell for a phishing scam (because of a lack of information like browser history or a wiped hard drive), he is confident that it is the way fraudsters got the sensitive Internet banking details.
Vermooten said that there is no weakness with ABSA’s security which gives fraudsters access to users’ Internet banking details.
He added that passwords and PINs are not visible to any employees, and to change any passwords an employee will need to involve multiple other employees to bypass the bank’s layers of security.
Some SIM swap fraud money has been refunded
Vermooten explained that ABSA has refunded some of the money stolen by fraudsters in cases where there was negligence on the bank’s part.
He would not provide details about what ABSA’s negligence involved, but did provide a theoretical case where the bank may not respond to fraud warnings in a timely manner.
More in ABSA and SIM swap fraud