A forensic investigator has alleged an inside job at First National Bank and MTN in a Sim-swap scam that pilfers customers of hundreds of thousands of rands.
Private consulting forensic scientist David Klatzow says his client, Cape Town audiologist Gail Jacklin, lost over R200 000 from the scam earlier this year. Klatzow said his client hasn’t been reimbursed by FNB.
Klatzow said MTN failed to prevent an unauthorised Sim swap of Jacklin’s phone, which resulted in fraudsters stealing from her FNB accounts.
But he said he knows of at least another 20 cases of the same scam with the same modus operandi, and he has alleged an inside job at both FNB and MTN. Cape Town talk radio station Cape Talk has also reported that a number of its listeners have also reportedly been victims of this scam.
“The evidence seems to show that there is somebody within the bank and within MTN who has access to your details,” Klatzow said.
“And what happens is, in many instances, and in my particular client’s instance, her phone went on the blink,” he said.
Klatzow explained that the scam typically involves a banking customer’s phone becoming inoperable, after which money is stolen from the victim’s bank accounts.
He has further alleged that an unknown insider at FNB targets “a certain strata of bank accounts”.
This insider then allegedly works with somebody at MTN to put a phone “on the blink” and thereby arrange for a Sim swap to aid the crime, explained the investigator.
Once the Sim swap has been completed, the scammer can then access sensitive details such as Internet banking one-time Pin codes to carry out the crime, said Klatzow.
“Once they know you’ve got significant funds in there, they target you — that cannot be done without the assistance of the bank,” he said.
FNB, in its response to a query about this alleged scam, did not detail the circumstances around Klatzow’s client’s experience of fraud.
However, the bank said that “phishing as a means of fraud has been a problem for many years”.
“We continually warn and educate our customers to never release their confidential banking information, or to respond to unsolicited e-mail including threats to close their accounts if they do not ‘update’ their information via a link provided or offers of prizes/refunds via a link in an e-mail,” said the company.
The bank further urged customers to “protect their login details at all times” and to contact the bank if their phone suspiciously loses connectivity.
FNB further said that it employs “a robust security framework which is multilayered”
At the time of writing, MTN had not responded to a request for comment.
Doubts over phishing
Klatzow, though, said he doubts FNB’s statement that phishing is to blame in this instance.
“The two companies involved would love you to believe that this is phishing and that people are inadvertently giving out their banking details. That is not so,” he said.
“Now, there is no way that somebody on a phishing scam could put your phone on the blink,” he added.
The forensic investigator further said that if FNB and MTN fail to address the problem, a class action lawsuit could be initiated against the companies.
“It’s got very bad, it’s become chronic and there is a very serious outbreak of this epidemic now. But the banks have known about this and they’ve created a platform which is ultra vulnerable,” said Klatzow.