• Home
  • /
  • Malware
  • /
  • SA operators crack down on mobile fraud amid COVID-19 crisis

SA operators crack down on mobile fraud amid COVID-19 crisis

Sibahle Malinga
By Sibahle Malinga, ITWeb senior news journalist.
Johannesburg, 02 Sept 2020

South Africa’s mobile network operators are moving to fight mobile fraud on their networks, which has increased during lockdown, with local customers being at higher risk of falling victim to a new wave of airtime theft through rogue wireless application service provider (WASP) services.

New research conducted by Paris-based anti-fraud firm Evina found South African mobile phone users are very often subscribed to mobile services without their consent. It found that in the month of July, one out of every three WASP subscription attempts in SA was fraudulent, as local mobile operators fall behind in their mobile security measures.

After Kenya, SA is the African country most affected by this type of mobile crime, also known as mobile clickjacking – when criminals illegally subscribe customers to a wide range of content through their smartphones for a daily or weekly fee.

Evina says it conducted an analysis of hundreds of thousands of mobile billing transactions from customers of SA’s telcos and concluded that an estimated 31% of WASP subscriptions were fraudulent attempts at illegally billing customers.

“As Africa’s most advanced economy, it is particularly tragic that South African mobile users are falling victim to subscription frauds that are well-managed in many other countries,” says David Lotfi, CEO of Evina.

“This is at a time when we are all under significant financial pressure following the worst of the COVID-19 pandemic.”

In the report, Evina is adamant that fraud is not treated seriously enough by the various mobile payment actors and that the solution is not simply to block mobile value-added subscriptions by default – an option offered by telcos – but rather to manage the problem with better cyber crime-fighting tools and expertise.

“South African mobile users are also targets of a whole range of nefarious attacks, commonly available for app store download, and these include everything from flashlight to wallpaper, pedometer, file manager and video maker apps,” notes the report.

Lockdown attacks

Responding to ITWeb’s questions about fraud trends on its network, Vodacom says since the onset of lockdown, it has seen a rise in mobile cyber attacks, as consumers continue with remote working.

Among the popular trends, according to the telco, are phishing, mobile clickjacking, malicious Web sites, fake internal HR or IT communication.

“There are several scams that customers should be aware of right now. Cyber criminals are well aware that people are spending more time online and have been targeting them with innovative scams suited to the current environment,” says a Vodacom spokesperson.

In terms of measures taken to fight the escalation in cyber fraud, Vodacom says it is constantly improving and upgrading its systems to detect and prevent SIM swap fraud, unauthorised porting and all other fraudulent activities.

“In terms of illegal content subscription, we are in the process of implementing a number of measures, including enhanced double opt-in journeys and processes for all Vodacom-owned and -branded services, as well as all third-party content subscription services, resulting in even clearer billing. Vodacom will now require third-party providers of content subscription services to become members of WASPA [Wireless Application Service Providers’ Association],” adds the spokesperson.

MTN says two years ago, it implemented fraud detection and blocking software called Secure-D, and new methods of breaches are constantly reviewed and blocked on the network to ensure customer protection from malware, malicious bots and apps.

In 2019, MTN says it saw mobile fraud blocking reduced by 92%, which has since decreased to 46% in 2020.

“It is unfortunate that some customers are still being impacted by unknown subscription to content services despite MTN’s efforts to ensure customers are protected. Digital content subscription services continue to evolve, including the methods of digital sign-up to these services.

“In the digital acquisition space, we have partnered with Secure-D, which offers some of the best fraud detection software and systems to protect our customers,” explains Jacqui O’Sullivan, MTN South Africa’s executive for corporate affairs.

Cell C says, while it has not noticed an increase in WASP scams during lockdown, it is investigating some of these fraud incidents. A popular scam observed in recent months has been illegal SMSes informing Cell C customers that they had qualified for a prize and need to either transfer funds or contact a number, in efforts by criminals to obtain private customer information.

“Cell C reviews its security processes and policies on a continuous basis in an effort to protect its customers against criminal activity. In some reported WASP cases which have been investigated, it would appear that the subscriptions are cut off before they reach R200 in charges.

“In most instances, the lines are deactivated as it would appear these lines are totally fraudulent. Among other measures, Cell C has the double-opt-in functionality on its network to protect customers against these fraud incidents,” says a Cell C spokesperson.

Telkom says the most common fraud on its network is fraudulent SIM swaps.

“Telkom cancels illegal SIM swaps via our call centre, and customers now have to go to a store to do a biometric verification to ensure we are dealing with a legitimate customer,” says Telkom.