The South African Banking Risk Information Center (SABRIC), on behalf of the banking sector, is warning bank customers against protecting their mobile devices after the number of criminal activities involving phone theft has increased significantly.
Cell phone theft is not a new phenomenon, but SABRIC sees an emerging trend where cell phones stolen from owners allow criminals to gain access to the victim’s personal and even confidential information, which can then be used in a crime commit.
“In 2020 there was a significant increase in bank app fraud through cell phone theft,” says an annual report on the crime committed last year. “It is important to note that there have been no reports of the banking app software being compromised in order to commit the fraud,” SABRIC said.
It is said that although there are various methods and techniques used in the cell phone snatching mode Operandi, the correct credentials are used to access the app. “These credentials may have previously been compromised by social engineering methods such as shoulder surfing or phishing, but in many cases the credentials have been compromised due to security flaws in the management of such information.”
For example, the credentials were stored elsewhere on the device or the same username and password were used for multiple apps. SABRIC saw the number of SIM swap incidents increase 26.11% (2,684) in 2020 compared to 8% (855) in 2019.
There are a number of ways that criminals can access information stored on your mobile phone if it is stolen to defraud you, the association said. “One way is to have literally access to any open application on your unlocked phone and view your sensitive information. Another is the use of social engineering to get your usernames and passwords stored in the cloud. “
The tactics used could be vishing, where criminals call you and manipulate you into believing they are in the bank to force you to divulge sensitive information like PINs or passwords, or phishing, where you send an email. Received mail that you believe came from the bank or a legitimate service provider asking you to click a link requesting your PINs or passwords.
Once your password is compromised on your stolen phone, all other credentials are available and can be exploited. In addition to social engineering, shoulder surfing in public places like restaurants can also compromise your credentials.
Insurance broker and risk advisory service, Aon said brazen criminals are willing to risk life and limb to snatch and get away with a $ 20,000 smartphone – phones lying on tables right next to you in restaurants, in vehicles attached to car kits plugged in, peeping out of your back pockets, and even while in use and against your ear – it’s all fair game for criminals attacking anyone to get their hands on a smartphone payday.
Searching for gentle, distracted targets who ignore their surroundings, criminals usually strike at the speed of light, grabbing the phone from their hands, and then disappearing into a waiting car for a quick escape.
With a booming illegal market for these stolen goods, Aon South Africa warns consumers to be extra careful and vigilant and to keep phones out of sight and safe when not in use. Aside from the theft of the phone, the major concern is that criminals are equally interested in the valuable personal information that is stored on the device.
“Criminals usually grab your phone while you’re busy with it and the phone is unlocked so they have full access to everything on your phone. This includes banking apps, delivery services and any other personal information that could be used for fraud such as:
“Even if you have security measures such as fingerprint readers or facial recognition software in place, criminals can bypass these measures in seconds, gain access to your information and then make your phone disappear from the illegal cell phone market,” said Ann Cloete of Aon South Africa.
“There are many ways that criminals can access and use the personal information stored on your mobile device – from seeing all of your personal information where you live, to social engineering, to obtaining sensitive information and tricking others into believing they are with you They’ll do business, to the point of phishing and SIM swaps, until you think you’re dealing with a legitimate service provider and have your passwords and PINs compromised, ”said Cloete.
Aon offers the following tips to minimize and manage your risk as much as possible:
- Avoid becoming a victim of cell phone theft as much as possible – hide your device in your pocket or jacket, never go around in public and speak as this will make you an easy and distracted target. Leave messages, WhatsApp texts and newsfeeds until you are at home or at work and in a safe place to view and reply to. Never leave your phone unattended or on a table in front of criminals. Keep your phone out of the car and put your phone out of sight.
- Inform your bank – If your phone is stolen, contact your bank immediately to secure your accounts and cards and to deactivate your banking app. Confirm the next steps with your bank if the criminals gain access to your account.
- Freeze your contract – Contact your carrier and freeze your cell phone account and lock your SIM card to stop data usage and all phone calls from your cell phone, potentially resulting in costly additional charges for which you would be responsible. Blacklist your phone with your carrier.
- Protect personal documents – If your device contains personally identifiable information such as your identity information, proof of residence, and other sensitive information, contact South African Fraud Prevention Services (SAFPS) by phone (0860 101 248), email, or online. Any fraudulent activity on your account can affect your creditworthiness and even blacklist you. Therefore, it is advisable to contact the credit ombudsman if you fall victim to fraudulent dispute resolution activity.
- Change passwords – Make a list of all the applications, email and social media accounts you have on your phone and change the password for each of these accounts. It will help a lot in narrowing down fraudulent activity on your mobile phone.
- Notify family and friends – Let your family and friends know that your cellphone has been compromised and don’t take requests from anyone facing you – known as social engineering.
Properly insure yourself for your phone replacement, Aon said. Make sure your mobile devices and those of your family members are listed in your all-risk coverage of your policy by make, model and serial number.
Some insurance policies also include coverage for mechanical and electrical phone breakdowns such as broken screens, water damage, and touchscreen or camera damage.
Aon said it offers a ‘Funds Protect’ solution that will cover you for losses from an account on your behalf due to a money transfer that is bad from your financial institution or a third party. The coverage is specifically designed to protect you for funds withdrawn from your account, whether the loss has been approved or unauthorized from your account.
Cover by a personal Funds Protect policy is triggered if:
- Email interception fraud
- Transactions based on your stolen identity
- EFT / deposit fraud
- Hacking / phishing / vishing attacks
- Claims for ransomware attacks, denial of service attacks, etc.
- Fraudulent invoices
- Sim swap scam
- EFT scam
- Online banking fraud
- Online Shopping Fraud
- Vacation fraud
- Fake classifieds
- Wrong property rentals
“It is important that you contact your bank immediately if your phone is stolen or stolen to stop all transactions. Make sure you have purchased enough Funds Protect coverage to mitigate total financial loss as banks are unlikely to reimburse transactions related to cell phone theft.
“For example, if you purchased R25,000 Funds Protect coverage but all of your bank accounts are being accessed, your losses could be well in excess of R25,000 and potentially crippling. Funds Protect coverage is relatively cheap for what it offers and will be a lifeline in the event of money loss, ”said Cloete.
Read: Capitec Is Looking For 500 Jobs – Here Is What They Are Looking For