Sectors
Companies
About
Subscribe

ID theft on the rise

Nicola Mawson
By Nicola Mawson, Contributing journalist
Johannesburg, 15 Sept 2009

Identity theft is increasing as information becomes more readily available, say industry commentators.

Steven Ambrose, MD of World Wide Worx Strategy, says - while the amount of people being scammed is hard to quantify - the “penetration and proficiency in electronic research is making it easier and easier for ID theft to occur”.

An ITWeb reader recently had a narrow escape when he discovered his SIM card had been blocked in what he suspects was an attempt to swap his card and perpetrate fraud.

Ambrose says this type of fraud has both an online and offline component. He says people need to be wary of leaving their personal information in places where it can be accessed, and should never give out account numbers and passwords over the phone or Internet. “No institution will ask you for your account and log in details, ever,” explains Ambrose.

Compromised information

Ron Botes, Cell C's chief risk officer, says SIM swap fraud and theft are on the increase. The cellular operator has so far this year identified 26 SIM swap cases, with an additional 74 attempted cases recorded.

Botes explains that, when a SIM card is stolen, the network must be notified so that the card can be blocked. The theft must also be reported to the South African Police Service.

Customers usually become aware they may be the intended victim of identity fraud through a SIM swap when they have problems making or receiving calls. “They will then contact their network operator to establish what is wrong,” he says.

Shameel Joosub, MD of Vodacom SA, explains that Internet banking fraud can only take place if bank customers compromise their PIN and password for Internet banking. This can be done if they respond to phishing e-mails, which will allow fraudsters to open accounts at banks, and obtain ATM cards in order to transfer and withdraw money.

Fraudsters also attempt to obtain the cellphone number of a customer through social engineering or phishing and, once they have the customer's SIM card in their possession, they can receive a once-off PIN and access the customer's bank account.

Joosub says a physical verification process is in place to prevent a fraudulent SIM swap. “The SIM swap can only be completed successfully after the verification of information by a second employee, supervisor or manager,” he explains.

“Therefore, it is only possible for the fraud to take place if the customer has compromised his or her Internet banking PIN and password, and the Vodacom measures have been bypassed,” Joosub says.

So far this year, the company has not experienced any cases of fraudulent SIM swaps taking place, he adds.

However, in July, it was revealed that a Vodacom employee had fraudulently created temporary dual SIM cards. The one-time passwords from the banks were then diverted to the duplicate SIM, after which the additional card was deleted. He and an accomplice, allegedly part of a syndicate, have subsequently been arrested and a trial is ongoing.

A big issue

South African Fraud Prevention Service (SAFPS) executive director Pat Cunningham says: “Identity fraud and impersonation is becoming a serious problem.”

Since the start of this year, the non-profit organisation's members have reported fraud prevention savings of more than R650 million through its fraud sharing service, he notes. SAFPS members include Absa, retailer Mr Price, MTN, JD Group and First National Bank.

Last year, savings of R1.3 billion were reported and the full-year figure for 2009 is projected at R90 million, which is lower, probably as a result of banks tightening up on credit lending criteria, Cunningham adds.

Crimes are usually committed with the use of false documentation such as ID books, pay slips and educational certificates, Cunningham explains.

He cautions people to be aware of identity fraud and take every precaution to prevent it. “Don't let people make copies of your ID book, don't throw away junk mail that might contain personal details. Burn or shred this type of mail. Don't let your credit card out of your sight,” Cunningham explains.

For people who think they may have been the victim of identity fraud, Cunningham says they should carry out a credit check at the credit bureau to see if there are any odd enquiries. If there are, find out more.

“If you lose your ID book or have it stolen, then register this with SAFPS. It's a free public service and the ID details are circulated to our members and hopefully we can prevent further impersonation on the ID document,” he says.

Related stories:
Narrow ID theft escape
'Vodacom scammer' out on bail
Phishing scams migrate to mobile
Scam exposes SMS password danger

Share