SIM-swap fraud remains a concern in South Africa.
The case of a retired couple who were victims of fraud amounting to over R800,000 recently made headlines, as they nearly lost their home to their bank in the process.
Over R500,000 in savings and R300,000 in new credit was transferred to Capitec accounts from the couple’s bank – highlighting how quickly you can lose money as a result of fraud.
MTN and Absa were the respective mobile network and bank involved.
Guarding against SIM-swaps
MTN said the most common way for criminals to perpetrate SIM-swap fraud is to impersonate their victim through identity theft.
“MTN is currently rolling out in-store biometrics as an additional layer of security to further halt such criminal activity,” it told MyBroadband.
It has also introduced one-time passwords for staff access to systems, which gives subscribers affected by SIM-swap fraud a clear tracking and audit log.
“Our monitoring systems give us a bird’s-eye view of all related SIM-swap activities.”
This follows MTN introducing a system called MTN Verified in 2016, which will notify a number active on the network that a SIM swap has been requested – and require the swap to be authorised from that number.
It also processes SIM swap requests between 07:00 to 19:00 daily, to ensure customers are awake to receive the request.
MTN’s system also allows banks to check whether a number has been recently SIM-swapped, and banks can place a hold on affected online banking services for 72 hours.
Watch for phishing
MTN and Absa warned that subscribers should not respond to unsolicited calls and requests for their security details, as this is the first step in fighting phishing.
Users should not respond to any links requesting their personal information, either.
“Fraudsters often send out emails claiming to be from Absa, or other reputable organisations,” said Absa on the matter.
These emails can look authentic, making use of official logos and corporate colours to convince you the email is legitimate.
Warning signs to look out for in these emails:
- Claims your account is being suspended.
- Outstanding FICA verification.
- An upgrade to your mobile app.
- A pending payment notice.
These emails typically encourage you to click a link or open an attachment to rectify the fake problem.
“Although this link or attachment does not link to the real Absa website, these websites are usually designed to look exactly like the Absa site.”
To identify phishing attacks, Absa offered the following tips.
- Always double check the sender address on emails.
- Hover the mouse cursor over links in an email to reveal their true address.
- Banks will never address you as “Dear Client” or “Dear Customer”, and always use your name.
- Banks will never ask you to click on a link or open an attachment in an email for you to enter your banking details.
- Absa will never ask you to enter your entire password. You will only be asked to enter 3 random characters of your password.
Fraudsters may also attempt to steal your credentials by sending messages via SMS or WhatsApp, or through phone calls.
What to do
Should your cellphone unexpectedly lose signal, you must immediately contact your mobile operator to find out what is going on – as you may be the victim of SIM-swap fraud.
If your phone is stolen or lost, immediately contact your operator to blacklist it.
Additionally, forward all suspicious-looking banking emails to the bank’s security department, then delete it.
The contact emails are:
- Absa – [email protected]
- FNB – [email protected]
- Nedbank – [email protected]
- Capitec – [email protected]
- Standard Bank – [email protected].za
If you believe you have fallen victim to phishing, contact your bank immediately to report the possibility that your information may be compromised.