A worrying new crime trend has emerged in South Africa: victims are being kidnapped and coerced, often under the threat of violence, into making transfers from their banking apps, in many cases losing all their savings or having their other accounts looted completely.
Incidents involving kidnapping or hijacking of individuals, with the aim of gaining unauthorised access to their banking apps under duress, are on the rise, experts say.
“There are different syndicates operating, and they have their own targets and modus operandi. Attacks on business owners have occurred, but some attacks are more opportunistic in nature,” a spokesman for Standard Bank told TechCentral.
These “shakedowns” are executed in a number of ways.
Some victims are forced to make payments into bank accounts outside of the country, which makes tracing the funds nearly impossible for law enforcement.
In other cases, victims’ accounts are used to make online purchases both locally and across South Africa’s borders.
In yet another example, multiple digital wallet payments or account transfers are made to a local recipient by syndicate members holding the victim hostage while other perpetrators drive around and make withdrawals at ATMs as quickly as they can.
In all instances, common banking app protection features including Pins, biometric authentication and facial recognition prove to be ineffective.
“In an app kidnapping – where someone is forced to open their own profile on their own phone – there isn’t much one can do. It’s similar to someone forcing you at gunpoint to withdraw cash using your own card and Pin at an ATM,” said Lezanne Human, an executive director at Bank Zero.
Banking app kidnappings – what to do
For many, the knee-jerk reaction to what is perceived as a helpless situation is to delete all banking apps on personal devices entirely, but this makes transacting and managing funds on a day-to-day basis cumbersome.
Human recommends a workable middle ground: “Keep only enough funds in your transactional account to cover immediate expenses. Place the rest in a seven-day (or longer) notice account. If you then need urgent access to it, you can action an ‘early breakage’, but funds will only be available the next day – long after the criminals have moved on,” she said.
This strategy may work for some people, provided their banking needs do not go beyond the simplicity of a transactional or savings account, but it is not applicable in all cases all the time.
As George Wandsella, head of enterprise risk and fraud strategy at TymeBank, explains, banking app shakedown syndicates are discerning in the way they choose their targets, often homing in on individuals more likely to have a sophisticated account profile with more banking products – and more money in those accounts.
“Kidnapping cases can affect anyone, but generally speaking those higher at risk include children, business owners, high-income individuals, those living alone and newcomers to South Africa,” said Wandsella.
Representatives from Standard Bank, TymeBank and Bank Zero all told TechCentral that detecting and stopping a banking app shakedown in progress is difficult to do.
Tracing stolen funds after the fact also often leads nowhere: although law enforcement may know where the money was withdrawn, the perpetrators are hard to find because they change their hunting grounds often. For consumers to insulate themselves, they must be aware of how these criminals operate.
“Prevention is key for this type of crime, and customers are urged to educate themselves on the tactics used by criminals and ensure that the necessary precautions to prevent kidnapping are exercised,” said Wandsella.
Although an extra dose of vigilance might help stop some incidents, it is no magic elixir. When the worst that can happen does, Christina Pieterse, head of Nedbank’s digital channels, recommends the following protocol for banking app shakedown victims:
- Cooperate: The safety of your life should always be top priority. If someone is threatening you with violence, it’s best to cooperate and do as they say to ensure your well-being.
- Stay calm: Try to remain as calm as possible. Panic can escalate the situation, so it’s essential to keep a level head.
- Memorise details: If you can, make mental notes about the assailants’ appearance, their accents, or any identifying features. This information may be helpful to law enforcement later.
- Stay passive: Avoid any sudden or aggressive actions that could provoke the kidnappers.
- Comply with their demands: Comply with their instructions, such as accessing your banking apps. Your personal safety should always come first.
- Seek help later: Once the situation is resolved, immediately contact the authorities and your bank to report the incident.
The South African Banking Risk Information Centre (Sabric) tracks banking-related criminal activity, providing information on the various types of banking crimes. In its Annual Crime Stats 2022 report, released last month, Sabric noted that other types of mobile banking crimes were in decline while banking app fraud cases increased by 36%, suggesting that criminals are now migrating to banking app shakedowns and other methods since the previously popular Sim-swap method is proving to be less effective than in the past.
“Encouragingly, the number of reported mobile banking fraud incidents saw a 9% reduction in 2022. Additionally, incidents involving Sim swaps declined from 87% in 2021 to 76% in 2022, indicating a waning efficacy of this fraudulent tactic,” it said. – © 2023 NewsCentral Media