SIM-swap Scam Loses Victims Hundreds of Thousands
FNB, MTN SIM-swap Scam
The First National Bank (FNB) and MTN SIM-swap scam, whereby consumers were robbed of hundreds of thousands of rands was allegedly an inside job, according to a private forensic investigator.
One of the victims of the SIM-swap scam, Gail Jacklin is an audiologist from Cape Town. Jacklin lost more than R200 000 to the SIM-swap scam early this year. Consequently, Jacklin hired Dr David Dr Klatzow, a private forensic scientist to look into the matter. Jacklin has yet to be compensated by FNB said Dr Klatzow.
Fraudsters were able to get away with stealing from FNB customers due to MTN failing to prevent an illegal SIM-swap of their phones Dr Klatzow said.
Dr Klatzow is aware of no less than 20 similar SIM-swap scams. As such, he alleges the SIM-swap scam was an inside job at both MTN and FNB.
Numerous Cape Talk radio station listeners have also come forward as victims of the SIM-swap scam.
“The evidence seems to show that there is somebody within the bank and within MTN who has access to your details,” Dr Klatzow asserted.
“And what happens is, in many instances, and in my particular client’s instance, her phone went on the blink,” he explained.
How a SIM-scam typically operates is first, a bank customer’s phone is rendered inoperable and second, money is pilfered from the victim’s bank account Dr Klatzow clarified.
An unidentified insider at FNB is targeting “a certain strata of bank accounts” alleges Dr Klatzow.
Phones are put “on the blink” via a collaboration between an FNB and an MTN insider, thereby arranging SIM-swaps that enable them to commit the crime, alleged the investigator.
After completing the SIM-swap, the scammers have access to sensitive personal details, including the customer’s One Time Pin (OTP) used for internet banking. This way, the thieves are able to steal money, expounded Dr Klatzow.
“Once they know you’ve got significant funds in there, they target you – that cannot be done without the assistance of the bank,” he said.
FNB’s Response
FNB has yet to provide any details on the circumstances surrounding Dr Klatzow’s client’s encounter with fraud. Although, it did respond by saying that “phishing as a means of fraud has been a problem for many years”.
“We continually warn and educate our customers to never release their confidential banking information, or to respond to unsolicited email including threats to close their accounts if they do not ‘update’ their information via a link provided or offers of prizes/refunds via a link in an email,” said FNB.
FNB has insisted that customers “protect their login details at all times” and encouraged them to get in touch with the bank, should their phone become suspiciously inoperable.
Moreover, the bank said it makes use of “a robust security framework which is multi-layered”.
MTN’s Response
In a statement issued late Wednesday, MTN advised it is exploring various safeguards to protect customers more effectively from SIM-swap scams.
MTN urged customers to also protect themselves.
“MTN urges its customers to safeguard their internet and telephone banking log-in details and password against social engineering (phishing) to safeguard their accounts. The banking customer’s log-in details and password is the last line of defence that should only be known to the user. The onus is on consumers to ensure that their passwords and log-in details are not compromised,” said MTN.
“In a number of cases of fraudulent transactions, the customer has already compromised by unwittingly divulging their details to third parties either through phishing or social engineering. Where fraudulent activity has taken place, MTN is working closely with the South African Police Services as well as the South African Banking Risk Information Centre (SABRIC) to assist in the necessary investigations to bring perpetrators to book,” MTN said.
Unlikely Phishing
On the other hand, Dr Klatzow doubts that phishing is behind the SIM-swap scam.
“The two companies involved would love you to believe that this is phishing and that people are inadvertently giving out their banking details. That is not so,” he said.
“Now, there is no way that somebody on a phishing scam could put your phone on the blink,” the forensic investigator explained
If nothing was done to address the issue, customers could initiate a class action lawsuit against FNB and MTN.
“It’s got very bad, it’s become chronic and there is a very serious outbreak of this epidemic now. But the banks have known about this and they’ve created a platform which is ultra-vulnerable,” Dr Klatzow said.