Fraudsters 'cleared 50 years of savings' through SIM card swop scam
Share this article:
Cape Town - Fraudsters seem to be targeting elderly people who may not be tech-savvy and people who go overseas.
These are the sentiments of Professor Darlene Lubbe, the daughter of one of the latest victims of SIM card swopping or porting.
Speaking to the Weekend Argus on behalf of her 78-year-old father, Lubbe said someone within a bank had to let someone from a cellphone company know there was money, and from there the scam was born, and they went after the details of the person and took over their number.
“How they get access to account details, I don’t know. There was a SIM swop in October without my dad’s knowledge, done by Vodacom. They cleared out 50 years of savings by transferring Absa Money Market to Absa Cheque and created 15 new beneficiaries. The money was gone within five hours. Both Absa and Vodacom deny responsibility,” said Lubbe.
In an affidavit to Absa’s fraud department, Lubbe’s father said he had noticed that he had no cellphone service and thought he had run out of airtime. He then went to a local cellphone shop where he was told to go to Vodacom. He went to a Vodacom store where he was informed that he did have airtime but needed a SIM swop.
“(The woman there) took the phone and to the back room for about 15 minutes. She put in a new SIM card, she didn’t give me my old SIM, and told me to wait four hours and then switch on my phone.
“The next morning, I tried to pay our domestic workers via internet banking and the computer asked for a 60-second confirmation, and I never got the message on my cellphone so I could not transfer any money to them,” read the affidavit.
After some hassle and a letter to the bank, Lubbe said the stolen R500 000 was paid back to them as a payment of goodwill by Absa.
But there was a second attempt at fraud on December 30 at 6.47pm, when someone ported her dad’s Vodacom number to MTN. “This despite the number being flagged as a number used in fraud in the past month. Vodacom instructed me nothing could be done until the number was back with them. So we had to contact MTN on January2 (when my dad realised his phone was not working again).
“MTN porting does not operate on holidays, so the fraudsters had 36 hours to play with. We managed to freeze all dad’s Absa accounts once again and have now had to delete the cell number and remove any numbers from his profile. The only safe way is to have no internet banking.”
Last week, the Weekend Argus reported on Bloubergstrand’s Feruccio Ferucci, who had his Absa business account swindled out of R3.1million while he was in Miami for two months.
The same modus operandi was used: a SIM swop was done that he did not authorise with Vodacom. His money was paid back to him by Absa, also labelled a “payment of goodwill”.
Absa’s Ally Mafunzwaini, head of national operations, RBB SA, said Absa had investigated the matter.
“In respect of tracking and tracing cases, every fraud case brought to our attention is checked against insider involvement as standard operating procedure. Otherwise, we invest heavily in leading technologies and skills to protect our customers from fraud,” he said.
He added that fraud was not Absa-specific, but industry-wide.
Vodacom’s Byron Kennedy said they were aware of the recent claims of SIM swopping,, and Vodacom treated any fraudulent activity on the network in a serious light. “Once we have completed our investigation, we will take appropriate action should we establish staff negligence or involvement.
“There have been several cases where people have claimed that the same thing happened to them with the same modus operandi. Is Vodacom aware of this? Yes. It is important to clarify that internet banking fraud cannot succeed unless the victim has compromised their banking account details and personal information, including their banking PIN/log-in details. This information cannot be obtained through a fraudulent or even a valid SIM swop. Typically, criminals first obtain an internet banking customer’s PIN and password through the likes of phishing emails.”
Kennedy said Vodacom was investigating matters of this nature.
Another Bloubergstrand man, who wished to remain anonymous, said he had R1.2m taken out his Absa account in 2016. “I recovered the money with lots of problems and delays from the bank and ended losing the interest on my money for two months,” he said.
Fraudsters did the same thing in December last year and he was still trying to recover R82000 from his bank (not Absa; he has not named the bank due to ongoing investigations).
He said he had received SMSes from Vodacom early in the morning informing him that a SIM swop had been requested. However, he said there was another SMS that came through almost instantly after the first SMS, saying it had been approved. His number was ported from Vodacom to MTN.
MTN group executive for corporate affairs Jacqui O’Sullivan said: “MTN’s identity or subscription fraud has unfortunately become a consistent threat to all network operators and customers around the world, as criminals constantly work to find new ways to beat fraud-prevention systems.
“At MTN, we aim to protect customers from fraudulent transactions that often originate elsewhere, often through identity theft. ID theft is often the start of the fraud, with a criminal getting hold of sufficient personal information to pose as a credible ‘network agent’.
“Once the ‘agent’ has a customer on the line, they solicit more details from the customer to perpetrate the fraud. In other instances, sufficient personal data may have been stolen to effect the fraud directly.”
O’Sullivan cited a recent example when MTN proactively warned all its customers to beware of a scam that had developed last year.
“In this, a criminal, claiming to be an MTN call centre agent would request the customer’s security details under the pretence that they were blocking the processing of a SIM swop request being made on the subscriber’s number without their knowledge.
“The scammers were then using the customer’s responses, that they obtained during the call, to perform a fraudulent SIM swop. MTN made it clear that it would not contact customers from its call centre to block the processing of a SIM swop request.
“We also urged all our customers not to respond to unsolicited calls and requests for their security details from an unknown number.
“MTN is rolling out in-store biometrics as an additional layer of security to further halt such criminal activity. We have also introduced secure OTP (one time password) access to systems whereby users who are affected have a clear tracking and audit log. Our monitoring systems give us a view of all related SIM swop activities. MTN also only process SIM swop requests between 7am and 8pm.
“The problem of porting fraud is another route being pursued by criminals. Thieves use a person’s information to switch his or her phone number to a new service provider. The thieves can then use the phone to intercept messages (such as the OTP).
“Both porting fraud and illegal SIM swops start with criminals accessing some personal information about a customer through any number of ways, which is why it is critical that all South Africans strictly protect their personal information and not share any details with unsolicited calls.”
The SA Banking Risk Information Centre said in a statement that through fraudulent SIM swops, criminals could take control of their victim’s mobile number, enabling them to receive SMSes sent by the bank to the client.
These included TVCs (transaction verification codes), RVNs (random verification numbers), PINs or OTPs.
Using these codes together with compromised login credentials, criminals could change, add beneficiaries and transfer money out of the victim’s account.
“Mobile number portability) gives mobile phone users the ability to move to another mobile network and still retain their mobile number.
“In this scenario, the victim’s SIM card is deactivated and the criminal receives communication for the new SIM card issued by the second mobile network operator, enabling them to receive a victim’s TVC, RVN, PIN or OTPs,” the statement read.