SIM swap fraud leaves victims feeling helpless

SIM swap fraud leaves victims feeling helpless

African nations such as Uganda and Nigeria have this week announced deadlines for SIM card registrations for later this year as part of plans to track criminal activity. But a spate of ‘SIM swap’ fraud in South Africa this year has proved that even in a country where these registration systems exist, determined criminals are bypassing these processes and stealing thousands of rands from phone users.

In South Africa, a SIM swap allows mobile network operators to issue new SIM cards to customers who have lost their handsets or purchased new phones. The SIM swap process then is designed to allow these customers to port their existing mobile numbers onto their new handsets.

To conduct a SIM swap in South Africa, mobile phone users have to comply with the country’s SIM card registration process, which forms part of the Regulation of Interception of Communication Act (RICA) implemented in South Africa in 2009.

Documents such as a phone user’s identification book and proof of address need to be shown to a mobile operator such as MTN for the user’s SIM card to be registered on the RICA system.

But criminals are increasingly exploiting this system to gain access to phone users’ bank accounts to steal their money.

Reports have emerged of fraudsters producing falsified copies of victims’ identity documents, cellphone numbers and required documents for the RICA process to conduct illegal SIM swaps with mobile phone service providers (MSP) to steal victims’ phone numbers.

Once these fraudsters have illegally assigned a cellphone number to their SIM card, they then receive all the owners’ calls and SMS notifications, which may include ‘One Time Pin’ (OTP) messages containing the login details to access their cellphone or internet banking services.

Fraudsters also use phishing attacks to obtain victims’ cellphone or internet banking login details. These form of attacks typically take the form of fraudsters pretending to be, for example, a bank that asks account-holders to confirm or disclose their internet or cellphone banking login details.

Criminals who have these details could steal funds out of the victims’ bank accounts. Meanwhile, the victims’ mobile phones stop receiving any incoming calls or messages.

And crime incidents of this nature have spiked in South Africa this year, say experts.

“SIM swap bank fraud incidents are definitely demonstrating an upward trend since 2011 when there were just under 100 incidents of cyber crime fraud in the banking industry to the recent figure of just over 1,000 incidents,” chief executive officer of the South African Banking Risk Information Centre (SABRIC), Kalyani Pillay, told ITWeb Africa.

Pillay told ITWeb Africa that RICA is set out to prevent incidents of SIM swap fraud.

But Pillay added that the nature of these criminals is such that they make it their business to circumvent any measures put in place to prevent this crime.

Full extent of how SIM swap fraudsters work not revealed

Since more SIM swap incidents started being reported in South Africa this year, the likes of mobile operator MTN and the South African Police Service (SAPS) have subsequently announced this month that they have carried out a sting operation and captured ‘key’ individuals suspected of being involved in the spate of SIM swap crime.

However, details such as the names or history of these suspects ,or as to how they exactly have carried out their alleged crimes, have not been disclosed by MTN or SAPS.

A special investigating unit that reports to SAPS called ‘The Hawks’ has also not been willing to disclose more details about how SIM swap fraud has been carried out in South Africa.

“I’m reluctant to divulge to you in details how this crime is perpetrated. In short, it is done through identity fraud,” Hawks national spokesperson, Captain Paul Ramaloko, told ITWeb Africa.

In the meantime, hundreds of South African phone users have fallen victim to this crime with some saying they have received little sympathy from their banks.

Esmaré Weideman, chief executive officer at South African media firm Media24, has said she was robbed of R360 000 in a SIM swap fraud incident.

Weideman told ITWeb Africa that she has no idea about how her identity was stolen or how the fraudulent activities were carried out on her Absa bank account.

“I noticed ... that my phone wasn't working. It was in my handbag at home,” Weideman told ITWeb Africa.

“I asked my PA (personal assistant) to check with MTN what was going on, they first told her there was nothing wrong with my SIM.

“Two hours later they informed her that a SIM swap had been done on my phone, at Brooklyn in Pretoria — while my phone was in my bag at home. At 2.30 that afternoon I was informed by Absa's fraud unit that some fraudulent activity had been picked up on my account and that my internet banking facility had been frozen. R1.5 million had been moved from my home loan account to the cheque account, and from there three amounts were withdrawn — R200 000 to a Standard Bank account, and two amounts of R80 000 each to a Capitec account in the name of Badiba Madiba,” she said.

Weideman said her bank shifted the blame towards her.

“Absa is going to great lengths to tell me usually it is the customer's negligence,” she added.

RICA to blame?

South African tech analyst and specialist IT consultant Liron Segev has said that despite RICA being put in place as a preventative measure against SIM card bank fraud in South Africa, it is possible that it could actually make the situation worse.

“There is a database somewhere that has everyone’s info which is linked to cell numbers,” Segev told ITWeb Africa.

“While I am sure RICA has taken all measures to protect the info, there are people who work the system and are able to be coerced either forcefully or financially to divulge information,” Segev said.

Yet, mobile operator MTN refutes claims that RICA could be the weak link that enables SIM card fraud incidents.

“The legal construct is not to have access to RICA information unless under a court order or law enforcement order,” said Eddie Moyce, chief customer experience officer at MTN SA.

“Therefore a check into the RICA database cannot be done under normal business operations - including when doing SIM swaps,” he added.

Meanwhile, MTN says it has put systems in place to curb SIM swap fraud and is working closely with law enforcement to bring culprits to book.

But the damage has been done for victims of SIM swap fraud such as Weideman.

“I have been inundated with calls and mails from people who have had the same horrible experience. You feel pretty helpless,” Weideman told ITWeb Africa.

Read more