One in four mobile subscriptions fraudulent in South Africa – what to look out for

Mobile subscription fraud continues to remain a big problem in South Africa, with almost one in every four carrier transactions in South Africa being fraudulent.

This is according to David Lotfi, CEO at anti-fraud cybersecurity firm Evina, who recently spoke to MyBroadband about the state of fraudulent carrier billing in the country.

Evina provides telecommunications companies, merchants, and payment gateways with proprietary DCB (Direct Carrier Billing) technology which helps prevent malicious mobile apps from making payments.

The firm’s cybersecurity honeypot network, and data retrieved by its cyber threat intelligence observations found that 23.53% of mobile traffic in South Africa was fraudulent in the first quarter of 2021.

Lotfi said that the right measures were needed to protect one of the most used payment mediums in Africa’s most advanced economy.

“It should be difficult to subscribe mobile users to digital services without their consent, just as it’s difficult today to open a bank account or even obtain a post box without proper consent,” said Lotfi.

Mobile fraud is facilitated in a number of ways, including through nefarious applications commonly available on app stores.

These include apps which disguise themselves with general features such as flashlights, new wallpapers, pedometer, file manager, and video maker apps.

The top 3 most download malicious apps in South Africa all fell under the productivity category.

These were PDF Reader, Free Document & PDF Scanner, and Docx Reader.

The image below shows a description of each app.

Top 3 malicious apps

In South Africa, however, mobile users continued to be most at risk of a more basic method, called clickjacking.

This method tricks the user into clicking on a hidden payment button which is disguised as a different button to the eyes of the user.

According to Evina’s latest South Africa Fraud Report, clickjacking made up 76% of the fraud types active in South Africa in Q1 2021.

It was followed by spoofing, which accounted for 8.2% of fraudulent transactions.

The chart provides a breakdown of the most common ways in which mobile subscription fraud is carried out.

Mobile fraud techniques

Lotfi said that clickjacking was a very basic type of mobile-based fraud that was several years old, and could easily be blocked very quickly by mobile network operators .

He called on networks to grasp the bigger picture and the scale on which fraud impacts the entire business and mobile market.

“The responsibility of reducing mobile subscription fraud worldwide relies on the MNOs of each country. They are the true dictators of the state of their mobile ecosystem,” Lotfi said.

Lotfi advised mobile network operators to partner with a cybersecurity company to clamp down on fraud.

He said these companies must posses the following characteristics:

  • Must not rely on traffic acquisition as a source of business income. Some companies that offer cybersecurity protection are also digital merchants that depend on traffic growth, no matter its origin.
  • An anti-fraud company must be 100% focused on cybersecurity.
  • MNOs should look for a mobile payment expert that knows how to protect any type of billing flow on direct carrier billing and offline, from a USSD flow to an SMS flow.

Lotfi added that Evina’s software was used in 60 markets across the globe, and secured more than sixteen million transactions per day.

One example of this was one major West African network operator with whom the company had worked decreased its fraud rate from 18% to 1%.

He added that the use of Evina software had led to a 99.94% decrease in fraudulent transactions detected.

The images below from Evina’s South Africa Fraud Report show how victims fall prey to the three most common mobile fraud techniques.





Bypass fraud


Now read: Fraud and airtime theft on Vodacom’s network

Latest news

Partner Content

Show comments


Share this article
One in four mobile subscriptions fraudulent in South Africa – what to look out for