Picture: Pexels

Cape Town - There has been a massive increase in cyber-related crimes specifically targeting online and mobile banking apps, warns IRS Forensic Investigations.

Other such crimes include phishing, malware, and SIM swops.

“The SA Banking Risk Information Centre (Sabric) reported that South Africa lost a quarter of a billion rand through these type of banking app frauds in 2017.

“What is really concerning, however, is that Sabric reported an increase of over 100% in the following year’s study from January to August 2018 in respect of SIM swop fraud in particular,” said IRS director Chad Thomas.

SIM swop incidents doubled from 4040 from January to August 2017 to 8254 over the same period the following year.

This is a 104% increase according to Sabric statistics.

National police commissioner General Khehla Sitole said at the release of the 2017-2018 financial year crime stats, cybercrime would be added to crime statistics this year.

He said the police were gathering more expertise and knowledge about cybercrime, and travelled to China and Thailand to learn more about it.

“The cybercrime strategy is at an advanced stage,” said Sitole.

Brigadier Vishnu Naidoo confirmed to the Weekend Argus that the police were developing the cybercrime strategy and it would be integrated into their Organised Threat Analysis strategy. In 2017, Sabric said there were 13438 incidents across banking apps, online banking, and mobile banking which cost the industry more than R250million in gross losses.

While incidents from January to August last year showed a 64% increase, this is compared to the same period in 2017.

Mobile banking incidents showed an increase of more than 100%, with gross losses of R23593631 and online banking incidents showed an increase of 44% with gross losses of R89368722.

Banking app incidents increased by 20%, with gross losses of R70156364.

Kalyani Pillay, Sabric chief executive, said criminals were very skilled at using social engineering to manipulate their victims into divulging their personal or confidential information.

“They capitalise on the fact that not all digital banking clients are digitally literate and exploit this vulnerability. “Using technology, coupled with social engineering, criminals can gather sufficient information to impersonate victims, bypassing bank security protocols.

“South Africans using social media are at risk of phishing and should constantly be on the alert for activity which seems out of the ordinary.

“People should not rely solely on the preloaded internet security which comes standard with their computers and their operating systems – they should invest in more advanced security systems that are upgraded regularly – this extra cost is well worth it in the long run,” said Thomas.

The Weekend Argus interviewed three victims who had their internet banking illegally accessed with SIM cards swopped and in two incidents, ported to a different cellular network.

One man had R3.1m taken out of his business account when a sim swop was authorised without his consent. A 78-year-old man almost lost his life savings when a SIM swop that he also didn’t authorise was done, a second attempt was made to take money out of his account after he got his number back. 

However, he managed to freeze his bank account. Another man was preyed on twice by cybercriminals. Once in 2016 when they took R1.2m and in December last year. He is still trying to recover R82 000 from the bank.

Weekend Argus