There has been an increase of more than 200% in the number of incidents of mobile banking fraud involving a SIM swap, the annual crime stats released by the South African Banking Risk Information Centre (Sabric) show.

Mobile banking is classified as banking via USSD, which stands for Unstructured Supplementary Service Data. The USSD interface is a channel between a bank and a mobile network operator on which the USSD communication takes place.

According to Sabric, there were 12,121 incidents of mobile banking fraud reported in 2018 compared with 5,762 in 2017. More than 11,000 of these cases involved a SIM swap.

Sabric’s stats show an increase in crime in almost every category during the reporting period of 01 January to 31 December 2018.

• Digital banking fraud across all platforms (banking apps, mobile and online) is up 75.3% with 23,466 reported Incidents, compared with 13,389 incidents in 2017. Gross losses in this category of fraud amounted to about R263m last year.
• There has been a 55.4% increase in incidents of fraud on banking apps, with 7,445 incidents reported in 2018 compared with 4,790 in 2017. Gross losses increased by 82.1% and amounted to more than R104m in this category of fraud.
• Incidences of mobile banking fraud increased by 100%, with gross losses of about R29m.
• There has been a 37.5% increase in incidents of online banking fraud, with 3,900 incidents reported in 2018 compared with 2,837 in 2017. Gross losses of R129m were reported in this category of crime.
• There was an 18% increase in combined gross fraud losses for credit and debit cards - from R739.9m in 2017 to R873.3m in 2018.
• Card Not Present (CNP) fraud increased by 28% when compared to 2017.

“CNP fraud on South African-issued credit cards remained the leading contributor to gross fraud losses in the country, accounting for 79.5% of all losses. CNP debit card fraud showed the greatest increase in losses at 62.3%, due to the enablement of Card Not Present transactions on debit cards,” says Sabric chief executive Kalyani Pillay.

Sabric has seen a sharp increase in “vishing” incidents, which is when criminals phone bank customers, lead them to believe that they are speaking to the bank or a legitimate service provider and manipulate the customer into disclosing their confidential bank card details, as well as other personal information. 

“A bank will never call you to ask for this information. If you receive such a call, put the phone down immediately,” says Pillay. 

Criminals are adept at understanding psychology and will use tactics to exploit any human vulnerability to harvest confidential information like a PIN or a password in order to steal cash.

“When it comes to online banking, beware of phishing emails that request that you click on a link. The link directs you to a ‘spoofed’ website designed to obtain, verify or update contact details or other sensitive financial information.

“Never click on links in unsolicited emails!” says Pillay.

* Want to keep tabs on your purse? Follow Tiso Money on Facebook and Twitter.