Here’s to you not becoming an ID fraud statistic in 2021

I’m ashamed to say I really did think it would never happen to me. But it’s just happened.

I’m not referring to testing positive for Covid-19, though I did get that awful “Covid 19 was detected from the sample” SMS a few hours before I wrote this.

The notification I’m talking about came via SMS two days ago: “Your Sheet Street account is almost approved. Contact 0800xxx if you did not apply.”

The first thing I did was Google the number to see if it was connected to some kind of scam. It wasn’t. It’s a Mr Price Group number. So I called. A lovely man named Dashen told me someone using my name and ID number had applied online at 7am that morning for a Sheet Street account. In my name, and supplying my ID number.

I listened while Dashen listed the other information my imposter had provided:

1. The cellphone number I last used about 15 years ago;
2. The landline number in the newsroom of a newspaper I left in 2004;
3. Monthly income (thumbsuck);
4. My current residential address; and
5. A reference name and number I didn’t recognise.

I was pretty shaken, I must admit. I gave a supervisor in Mr Price’s credit office permission to call the “reference” number and record the conversation for me. Unfortunately, her call went to voicemail, but she promised to keep trying.

The application has been declined, so no-one is going to buy duvet sets and towels in my name this Christmas.

But how did Mr Price know my current cell number to send me that warning SMS? A credit bureau linked my cell number to my ID number when Mr Price did an inquiry.

Manie van Schalkwyk, CEO of Southern Africa Fraud Prevention Service (SAFPS), said Mr Price is a member of the not-for-profit organisation so what the company should also have done is check if I have done a Protective Registration with the SAFPS — which I have — at which point all my (actual) details would have come up.

Identity theft incidents are down 23% from last year, but as always, context is everything: fraudsters had a field day in 2020, with incidents increasing 337% from the previous year. In part this is because so many corporate employees switched to working from home, sending sensitive information across servers that didn’t have the same level of security as the servers at their usual place of business. That’s since been largely rectified, hence this year’s 23% “normalisation”, as Van Schalkwyk terms it.

I asked the Mr Price credit supervisor how my impersonator could have got his or her hands on my personal information.

The three most likely ways, she said, were:

• if I applied for a Covid-19-related payment holiday last year; 
• if I made an application to the the SA Revenue Service forTemporary Employer/Employee Relief Scheme funds; or
• my information was compromised in the Experian breach last year.

The credit information agency’s data breach exposed the personal information of as many as 24-million South Africans to a suspected fraudster. I didn’t apply for any form of financial relief, so that leaves option 3. But worryingly, the fraudster supplied my current address, which I’ve only had since last December.

I want know what the fraudster would have come up with when asked to supply bank statements, pay slips and a copy of my ID, but perhaps I should be grateful it didn’t come to that.

Van Schalkwyk advised me to register with a credit bureau to receive an alert should any credit application be made in my name, and I’m in the process of doing that.

With TransUnion, it’s free for the first 12 months.

Applying for protective registration with the SAFPS is also free, and can be done on your phone in under five minutes. With your ID book or smart card in hand, go to www.safps.org.za and follow the prompts. Do it now.

More advice to reduce your chances of your personal info making its way to fraudsters:

• Don’t share your personal, banking or credit card information with anyone;
• Check your bank and credit card activity daily;
• Destroy — shred or rip up — personal documents before throwing them away;
• Don’t enter online competitions requiring you to provide personal information; and
• Activate privacy settings on social media sites such as Facebook and be very careful not to post any personal details. That includes posting photos of statements or your correspondence with companies.

You could do all that and still a fraudster could attempt to impersonate you, as in my case. That’s why you need the extra layers of protection, ensuring they don’t succeed. And, of course, you have to be vigilant about checking your SMSes.

Here’s to you not becoming an ID fraud statistic in 2021.

CONTACT WENDY: E-mail: consumer@knowler.co.zaTwitter: @wendyknowlerFacebook: wendyknowlerconsumer