Thousands of rands lost in ‘FNB, MTN SIM-swap scam’
A forensic investigator has alleged an inside job at First National Bank (FNB) and MTN in a SIM-swap scam that pilfers customers of hundreds of thousands of rands.
Private consulting forensic scientist, Dr David Klatzow, says his client, Cape Town audiologist Gail Jacklin, lost over R200 000 from the scam earlier this year. Dr Klatzow said his client hasn’t been reimbursed by FNB.
Dr Klatzow told Fin24 that MTN failed to prevent an unauthorised SIM-swap of Jacklin’s phone, which resulted in fraudsters stealing from her FNB accounts.
But Dr Klatzow said he knows of at least another 20 cases of the same scam with the same modus operandi, and he has alleged an inside job at both FNB and MTN. Cape Town talk radio station Cape Talk has also reported that a number of its listeners have also reportedly been victims of this scam.
"The evidence seems to show that there is somebody within the bank and within MTN who has access to your details,” Dr Klatzow told Fin24.
“And what happens is, in many instances, and in my particular client's instance, her phone went on the blink,” he said.
Dr Klatzow explained that the scam typically involves a banking customer’s phone becoming inoperable, after which money is stolen from the victim’s bank accounts.
Dr Klatzow has further alleged that an unknown insider at FNB targets “a certain strata of bank accounts”.
This insider then allegedly works with somebody at MTN to put a phone “on the blink” and thereby arrange for a SIM-swap to aide the crime, explained the investigator.
Once the SIM-swap has been completed, the scammer can then access sensitive details such as internet banking One Time Pin (OTP) codes to carry out the crime, said Dr Klatzow.
“Once they know you've got significant funds in there, they target you - that cannot be done without the assistance of the bank,” he told Fin24.
FNB, in its response to Fin24’s query about this alleged scam, did not detail the circumstances around Dr Klatzow’s client’s experience of fraud.
However, the bank, in its response, said that “phishing as a means of fraud has been a problem for many years”.
“We continually warn and educate our customers to never release their confidential banking information, or to respond to unsolicited email including threats to close their accounts if they do not ‘update’ their information via a link provided or offers of prizes/refunds via a link in an email,” said the company.
The bank further urged customers to “protect their login details at all times” and to contact the bank if their phone suspiciously loses connectivity.
FNB further said that it employs “a robust security framework which is multilayered”.
Fin24 contacted mobile network MTN for a response on Tuesday afternoon, but the company on Wednesday at the time of writing had not yet responded.
Doubts over phishing
Dr Klatzow, though, said he doubts FNB’s statement that phishing is to blame in this instance.
"The two companies involved would love you to believe that this is phishing and that people are inadvertently giving out their banking details. That is not so,” said Dr Klatzow.
"Now, there is no way that somebody on a phishing scam could put your phone on the blink,” Dr Klatzow told Fin24.
The forensic investigator further said that if FNB and MTN fail to address the problem, a class action lawsuit could be initiated against the companies.
"It's got very bad, it's become chronic and there is a very serious outbreak of this epidemic now. But the banks have known about this and they've created a platform which is ultra vulnerable,” said Dr Klatzow.