Telcos unite in crackdown against SIM identity fraud
A new wave of SIM identity fraud is on the horizon, as more South African mobile subscribers fall victim to mobile number portability (MNP) and SIM card swap scams.
Local mobile operators told ITWeb they are aware of the recent spate of scams and are taking measures to collaborate in order to combat the crime.
While local banks say they have advanced fraud detection technologies to fight SIM swap fraud, criminals stop at nothing to prey on vulnerable consumers by attempting to convince a mobile carrier to switch a user’s phone number over to a SIM card they have in their possession.
MNP fraud, which is an extension of SIM swap fraud, enables the criminal to switch a user’s number from one mobile provider to another, illegally gaining access to the user’s sensitive data.
The SA Banking Risk Information Centre (Sabric) confirms that although the scam is not new, it has made a comeback.
It says the main reasons for hijacking cellphone numbers are for criminals to gain access to users’ digital banking information by stealing credentials and capturing one-time passwords, and to prey on the user’s WhatsApp contacts by pretending to be in an emergency situation and in desperate need of funds.
A number of South Africans have cried foul over these scams, taking their frustrations to social media.
Facebook user Livhuwani Masakona Mutshatshi shared her frustration on her status: “I just got a message saying my number is being ported from Vodacom to MTN. Please don't accept any requests if I get deactivated from accessing my phone. I'm trying to call Vodacom Customer Care,” she explained.
A Twitter user, known as @skomvanniekaap, complained directly to his operator MTN: “@MTNzaService As per usual, fraudulent port request to my Cell C number which was ‘approved’, can’t get through to a human to report and block this, the last time you guys stole all the airtime and data, contact me on here!!! #fraud #mtn” [sic]
MC Matwot warned fellow Facebook users of SIM swap fraud this week: “Your bank account could be emptied without an alert – Dear all, please let's be very careful. There is a new high tech fraud in town called the SIM swap fraud, and hundreds of persons are already victims.” [sic]
MTN SA's executive of Corporate Affairs, Jacqui O’Sullivan, told ITWeb that MTN has been made aware of incidents of porting fraud that had transpired this past weekend and is working to assist affected customers, as well as identify the source of the fraud.
“In an effort to protect our customers from this type of fraud, MTN has been rolling out in-store biometrics as an additional layer of security to further halt such criminal activity. We have also introduced secure one-time password access to systems, whereby users who are affected then have a clear tracking and audit log. Our monitoring systems give us a view of all related SIM swap activities.”
Since the porting process involves both a donor network and a recipient network, O’Sullivan highlights the importance of both networks having security measures in place to protect their customers.
In terms of SIM swap fraud, she adds: “SIM swap fraud has unfortunately become a consistent threat to all network operators and customers around the world, as criminals constantly work to find new ways to beat fraud prevention systems. ID theft is often the start of the fraud, with a criminal getting hold of sufficient personal information to pose as a credible ‘network agent’.”
In an e-mail sent to ITWeb, Cell C says it is aware of a few unauthorised port requests affecting all network operators, which are believed to be the ongoing result of potential syndicates at work. “It must be noted that the majority of the port requests reported over the last few days were stopped before the port was processed, and those few that have gone through are being attended to by our forensic division,” notes a Cell C spokesperson.
“This is a highly unusual occurrence and Cell C continuously updates its security protocols to protect customers from these situations. Cell C’s processes have indeed brought the overall number of fraudulent ports down dramatically from over 300 in June 2018 to just 25 in November 2019.”
The telco says it is working with other network operators to determine the source of these unauthorised ports and will take action against any agent and/or channel that may be involved.
According to Sabric’s latest Annual Crime Statistics report, annual SIM swap fraud in the mobile banking space saw an increase of over 200% to 11 077 incidents from 2017 to 2018.
The report shows a 75.3% rise in mobile banking (USSD), online banking and banking app crimes combined during the period.
Security firm Kaspersky says SIM swap fraud has become common in Africa and the Middle East, affecting countries like SA, Turkey and the UAE.
“Kaspersky research shows that mobile payments and the banking system are suffering a wave of attacks – mostly powered by SIM swap fraud – and people are losing their money as a result,” says Fabio Assolini, senior security researcher of Kaspersky.
In some cases, there are carriers’ employees working together with criminals to divert incoming SMS messages, allowing scammers to easily complete the text-based two-factor authentication checks that protect sensitive accounts in financial services, social networks, Web mail services and instant messengers, notes Kaspersky.
The total money lost in a single incident varies by country: there are extreme cases, such as one in the UAE, where a victim lost $1 million, while in SA, a victim reported losing $20 000 in 2019, according to Assolini.
Vodacom confirms its customers have also been targeted; however, the telco says only a “small number of customers” have been affected by the MNP scam.
“Vodacom is aware of a scam whereby criminals target mobile phone users in an attempt to port numbers for fraudulent means. The vast majority of port requests are legitimate,” explains Byron Kennedy, executive head of Group Media Relations at Vodacom.
“It is important to note that number porting regulations are regulated by ICASA and, in the event of a fraudulent port request, the customer will receive an SMS alerting them to a port out request on their number. To reject a port, the customer must respond to the SMS with the number '1' within 50 minutes of receiving the SMS. If there is no response, the port will be approved.”