Fake car auctions and disappearing data: Wendy Knowler’s 'watch-outs of the week'
In this weekly segment of bite-sized chunks of useful information, consumer journalist Wendy Knowler summarises news you can use:
The fake car auction scam ... it’s still a thing
I reported on this scam back in July, but it seems a lot of people are still getting caught by it. I’ve just had to break it to “Christiaan” that he’s been scammed.
He sent me an email about a “bank repossessed” car he bought after seeing an advert on Facebook. (Alarm bells should already be ringing.)
It read: “2018 Toyota Corolla 1.5 Prestige auto for sale, R29,000. Buy before auction.”
Christiaan said: “I purchased a car from a bank. It was a repossessed vehicle; they advertised it for R29,000, so I paid half: R14,500. Then they sent me a letter from Absa saying I have to pay the full amount, so I did.”
That letter was clearly a fake.
“Then the car is on its way to me,” Christaan continued, “But I received a call saying they neglected to add VAT to the price, so now I can’t have the car until I pay that. What can I do?”
Scams always involve a too-good-to-be-true price and urgent requests to pay on-the-spot to avoid losing the deal.
Jacques van der Linde, who sits on the board of the SA Institute of Auctioneers, said it’s important for consumers to know that an auctioneer may not withdraw a bank repossessed car from a scheduled auction and sell it to an interested party under any circumstances.
And anyone buying a vehicle needs to be taken through a FICA onboarding and verification process — bona fide car dealers are not allowed to just accept cash into their bank account without understanding the source of the funds and the client who provided them.
Also, if the “dealership” has a Capitec or African Bank account, that’s another scam red flag — neither of those banks have business accounts.
Yes, Cell C subscribers, your data is “disappearing”
Many subscribers claim that their cellphone data or airtime mysteriously “disappears”, despite their devices being inactive.
The networks blame apps running in the background, Wasp subscriptions and more. But how does an ordinary consumer keep track of what’s really going on?
Happily, the tech fundis at MyBroadband do the tests for the rest of us.
For the third time this year, they conducted disappearing airtime and data tests last month on Vodacom, MTN, and Cell C.
They used three identical Huawei Mate 20 Pro devices to ensure an equivalent testing environment for all operators and all three devices were updated, and factory reset.
“My Data Manager” was installed to have a second opinion on data used during the test.
All updates were disabled, and all the apps were individually denied mobile network access.
Mobile data was switched off, and the phones were connected to a stable Wi-Fi internet connection for the duration of the test. VoLTE and data roaming were also switched off.
They used SIM cards that had been active for some time with varying levels of airtime and data.
All the SIM cards were checked to ensure that no WASP services were enabled that could use airtime or data.
The phones were kept in the same office for the duration of the test, and only USSD balance checks were performed to check data and airtime.
During the weeklong test, none of the devices showed mobile data use in the built-in Android settings or the My Data Manager app.
No mobile data was used on the MTN and Vodacom phones, but small amounts of data disappeared throughout the Cell C test. No airtime was lost on any of the devices.
According to MyBroadband editor Jan Vermeulen, Cell C’s chief technology officer Schalk Visser said they recorded what he termed “valid chargeable usage” on their data network for the test device.
Visser said Android smartphones may use mobile data while connected to an LTE (4G) network, even when the connection is disabled.
“Under the 3GPP LTE standards, data traffic is possible across the 4G mobile network even when the ‘mobile data’ setting is turned off,” Cell C said.
Vermeulen says MTN and Vodacom had the same issue some time ago, but both had since remedied that.
Clearly Cell C should follow suit.
Beware the fake courier email
Cybercriminals are capitalising on higher delivery volumes during the end-of-year shopping season by imitating trusted courier and delivery companies, according to Brian Pinnock, cybersecurity expert at global cybersecurity company Mimecast.
“Tens of thousands of emails are being sent to consumers in the wake of Black Friday and Cyber Monday in the hope that they will bite,” he said.
One reads: “Your package is ready for delivery. Confirm the shipping fee of 50 ZAR by clicking on the button below.”
Once they click on the link provided in the email, consumers are redirected to a web page where they are asked to pay that relatively small fee for their package to be delivered.
“By entering their credit card details, they have handed their financial information over to the criminals,” Pinnock said.
With so many presents being sent at this time of the year, it’s the perfect time for fraudsters to try their luck.
And the “fee” they ask for is small, so many people don’t mind making the payment.
Two delivery brands in SA have been impersonated in the campaign, Pinnock said, with nearly 50,000 emails sent to unsuspecting consumers.
“The growing popularity of online shopping in SA and ongoing disruption from the pandemic is creating fertile ground for threat actors to subvert the brands of well-known delivery companies in the service of cybercrime,” Pinnock said.
“Consumers should exercise extreme caution when clicking on links in emails, especially when some form of payment is being requested. Delivery companies should also take additional steps to protect customers, including the deployment of DMARC and brand exploit protection solutions that limit cybercriminals' ability to imitate their brands.”