The SA National Roads Agency (Sanral) says it has taken the necessary steps to thwart would-be fraudsters out to catch registered e-toll users online via phishing.
This comes three weeks after security experts warned it was only a matter of time until cyber criminals leveraged the e-toll hype and launched a full-scale phishing attack.
When asked about its contingency plan in the light of possible e-mail or SMS fraud, Sanral said: "In various e-toll communication, media engagements and advertisements, Sanral has urged road users to contact e-toll customer services when they suspect fraudulent activity or when they are unsure about the authenticity of electronic or mobile communication."
Last month, Sanral said it regretted a jibe made by spokesperson Vusi Mona in response to a Talk Radio 702 caller's question regarding electronic communications fraud and the agency's e-mail and SMS notifications to users informing them they have outstanding e-toll fees.
The listener had posed the question (paraphrased): "How do I, as a road user, know that I'm not being scammed, because there are a lot of people who will jump on the bandwagon and try to scam you? How do you guarantee that these SMSes [we are getting demanding e-toll monies] are genuine and not scams?"
Mona's response was: "Very easy. Raise your IQ a little bit."
At the time, and for the weeks following, ITWeb requested a valid response from Sanral regarding the concern, but received no answer. At the time, Sanral issued a statement on behalf of Mona, saying it was not his intention to offend the listener, if that was the case, "and [Mona] tenders his apology unreservedly to him/her".
Yesterday, Sanral responded to ITWeb's query as to how people know when an SMS or e-mail claiming to be from the roads agency is in fact a genuine communication from Sanral: "The SMSes sent by e-toll Customer Services do not have a link. The SMS merely notes an amount, reference number and the e-toll call centre."
Mona says while there has been a great deal of speculation around fraud involving Sanral's name, the agency has "not yet picked [up on] any dubious activity".
Security breach
On Tuesday, ITWeb reported that details around a security flaw in Sanral's Web site have still not been made public, despite the agency's almost one million users potentially having had their personal details accessed.
Following the user information security breach, and numerous requests for details on what recourse users have in ensuring their online safety, Sanral said yesterday: "Currently, when establishing a username and password for accessing information on a violations processing centre account, the user needs to submit an ID number with the vehicle licence plate number, which is checked against the registration details on electronic national administration traffic information system before access is granted."
The company tasked with running Sanral's e-toll operations - the Electronic Tolling Company - says "the matter is currently being investigated by the country's law agencies". Until the investigation has been concluded, neither the company, nor Sanral would comment on the issue.
Share