SIM-swap fraud: Consumers must be alert

Cape Town - Although banks have measures in place to curb SIM-swap fraud, consumers must be vigilant, urged a specialist business and IT consultant.

Liron Segev, the editor and author of TheTechieGuy.com, said SIM-swap fraud is as much a reality as organised crime.

Fin24 has been inundated with reader queries from victims of SIM-swap and phishing scams. One such person is Solly Zaidel who lost over R100 000 and is currently approaching the Banking Ombudsman.

READ: SIM-swap victims mull legal action against banks

Cape Town-based corporate law activist and attorney Johan Victor is preparing to take the fight of several disgruntled clients to the courts.

He told Fin24 the losses of his clients run into millions, with the highest at present being R1.8m and the lowest R43 000. His clients bank with ABSA, Standard Bank, FNB and Capitec, while the mobile network providers are Vodacom and MTN.

Victor claimed it would appear that syndicates with members inside banks and cellphone companies work together to defraud unsuspecting consumers.

"Regardless of how much technology we use, there is still a weak link – the human," Segev told Fin24.

He said as long as there is a human involved in any system, there is a chance for fraud.

"When organised criminals want to infiltrate any organisation they use a combination of software hacking tools and social engineering, where they manipulate people to help."

READ: Here's how to bank on mobile safely 

Segev said with banking apps being the preferred method of banking, the big danger is that people might start off using legitimate banking apps, but that criminals can also dupe people by creating seemingly innocent apps.

He explained that this could, for instance, be a gaming app, which once installed, removes the official banking app and replaces it with a fake banking app. "When the user tries to log in, he/she is told to re-enter the username and password and this information is then sent to criminals."

"Banks have systems in place to limit the damage as much as possible, but its not 100% fullproof. You have to stay vigilant and if you suspect something is wrong – don’t wait. The sooner you react, the less damage will be done."

Segev provides the following tips:

1. Never install apps not from the official app store.

2. Have anti-virus, anti-malware software on your mobile phone. "We usually have this on our computers and yet our phones, which often have more personal information, are not protected."

3. Keep a close eye on your bank statement. "When statements used to arrive in the mail, we used to go through them in depth, but now that they are emailed to us, they just get filed in some folder and we never open them. This is a mistake. Open the electronic statement and look for anything out of the ordinary."

4. Find out from your bank if it has the option to set up alerts when you spend over a specific amount or when you transfer over a set amount. "If you have that facility – use it. As soon as anything happens in your account, you will instantly know about it."

5. Save your bank’s fraud support number on your phone. "The sooner you report issues, the more likely you will get your money back."

6. If you travel overseas, instead of using your main account, you should consider opening a new account (or use another bank). "Deposit funds of the trip in the new account. This will help you not only keep your eye on expenses, but also limits any damage if your card is skimmed."

7. Use only main ATM machines and check that nothing is stuck on the ATM that could skim your card and read your pin. "These are popular in tourist attraction locations."

8. Avoid using free open WiFi and logging onto your bank account. "If you need to do this, use your phone as a hotspot and use that to log in. Intercepting data on WiFi is much easier than intercepting 4G mobile data (but not impossible)."