Banking scams: Two-step verification isn't as safe as you think

Ever heard of a SIM swap scam? The SA Banking Risk Information Centre (Sabric) describes it as follows: criminals approach your service provider, pretending to be you, and request a transfer of your existing cellphone number to their new SIM card.

According to Wikipedia, SIM swap fraud is a kind of account takeover fraud that "targets a weakness in two-factor authentication and two-step verification, where the second factor or step is an SMS or call placed to a mobile phone".

In other words, scammers access your mobile phone to intercept sensitive transactions that require two-step verification.

Sabric’s latest Digital Banking Crime Statistics report found that more than half (55%) of the gross losses due to crime reported to the centre occur online.

'Gross losses' is a term used in the banking industry to refer to the total loss to the consumer as well as the bank. Therefore, it includes instances where the bank refunded the client.

The related scam of number porting allows fraudsters to "move" your mobile number to one of their devices, but on a different network. This is made possible by mobile number portability (MNP), which gives mobile phone users the ability to move to another network, while retaining their number.

Once scammers have managed to either swap your SIM or port your number, they can use it to "authorise" transactions as though they are you.

Tips from Sabric to protect yourself from SIM swaps and number porting:

  • Regularly verify whether the details received from cell phone notifications are correct and match recent activity on your account;
  • Memorise your PIN and passwords – never write them down or share them, not even with a bank official;
  • If reception on your cell phone is lost, immediately check what the problem could be;
  • Inform your bank if your cell phone number changes so that your cell phone notification contact number is updated on its systems;
  • Register for your bank's cell phone notification service and receive electronic messages relating to activities or transactions on your accounts as and when they occur.

* Sign up to Fin24's top news in your inbox: SUBSCRIBE TO FIN24 NEWSLETTER

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For only R75 per month, you have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today.
Subscribe to News24
ZAR/USD
16.38
(-0.24)
ZAR/GBP
21.18
(+0.35)
ZAR/EUR
19.12
(+0.55)
ZAR/AUD
11.52
(+0.21)
ZAR/JPY
0.16
(+0.24)
Gold
1868.30
(-0.54)
Silver
23.32
(-0.35)
Platinum
852.00
(-1.95)
Brent Crude
39.48
(-4.73)
Palladium
2201.00
(-2.33)
All Share
51896.97
(-0.79)
Top 40
47576.46
(-0.74)
Financial 15
9756.70
(-2.69)
Industrial 25
72681.12
(-0.25)
Resource 10
47826.96
(-0.63)
All JSE data delayed by at least 15 minutes morningstar logo
Company Snapshot
Voting Booth
Please select an option Oops! Something went wrong, please try again later.
Results
Yes, and I've gotten it.
23% - 132 votes
No, I did not.
51% - 290 votes
My landlord refused
26% - 151 votes
Vote