Following a recent spate of SIM swap banking fraud, the South African Banking Risk Information Centre (Sabric) - together with mobile operators and law enforcement entities - is working to combat cyber crime and spread awareness.
Sabric has urged SA's consumers to adopt stricter personal IT security measures and, as part of its education campaign on SIM swap fraud and the rising threat of phishing, the body has issued the following tips to avoid falling victim to crime online:
1. Never respond to e-mails that appear to be from your bank and request personal details. Remember no bank will ever ask you to confirm or update account details via e-mail, SMS or telephone.
2. Never follow a link on an e-mail to access your bank's Web page. Always access the page by physically typing the name of the Web address that you were given when you signed up for Internet banking in your browser, and confirm you are on a secure site by looking for the "lock" icon on the browser before logging on.
3. Never provide your online ID, password or PIN to anyone and never write them down or share them - not even with a bank official.
4. Do not save your Internet banking password on your desktop.
5. Do not make passwords too personal. Preferably create passwords that have letters, numbers and symbols in them that cannot be attributed to you.
6. Do not leave your computer unattended after entering your Internet banking password.
7. Always log off or sign off at the end of a session.
8. Avoid doing Internet banking in public areas such as Internet caf'es, or on any computer that can be accessed by people you do not know.
9. Change your PIN and passwords frequently.
10. Place sensible transaction limits on your accounts.
11. Ensure you have the latest anti-virus software applications loaded on your computer, and make sure you download all security patches for your operating system in a timely fashion.
12. Only provide your credit card details to reputable companies.
13. Do not open e-mail from unknown sources - delete them immediately, even if the title and sender details appear to be related to your bank.
Avoid SIM swap fraud
The first line of defence against SIM swap fraud specifically, says Sabric, is to protect personal and cellphone account information from third parties and Web sites. This information, which mobile operators will ask for during the SIM swap process, includes cellphone contract type, debit order dates, identity number, addresses and transaction behaviour. Sabric suggests:
1. Be vigilant and always aware of your mobile phone's network connectivity status. If you realise you are not receiving any calls or SMS notifications, something may be wrong and you should make enquiries to be sure you have not fallen victim to this scam.
2. Some mobile operators send customers an SMS to alert them of a SIM swap instruction and customers should contact their operator if the request is fraudulent.
3. Do not switch off your mobile phone in the event you are receiving numerous annoying calls, rather not answer the calls. This could be a ploy to prevent you from noticing your connectivity has been tampered with.
4. Have your mobile phone services provider's numbers written down somewhere close by. This way you can phone to check whether anything suspicious has taken place.
5. Register for SMS notifications when there is any activity on your bank account so that you can be alerted to any attempt to move funds from your account.
6. If already registered for SMS notifications, keep your mobile phone with you and on at all times so that you can respond to any suspicious activity immediately.
7. SIM swap fraud almost always works hand-in-hand with phishing/smishing, so the same protection mechanisms should also apply (do not click on links from e-mails, SMSes, etc, purporting to be from your bank and never enter your log-on information).
8. Make a habit of checking bank statements and online banking transaction history regularly. In this way, you will able to timeously identify any unauthorised transactions.
Share