[kictanet] Be careful what information you give and to who!
Odhiambo Washington
odhiambo at gmail.com
Fri Nov 11 13:41:20 EAT 2011
On Fri, Nov 11, 2011 at 12:31, J.R. Kirongothi <kirongothi at kasneb.or.ke>wrote:
> The thugs are never asleep devising ways and means of robbing us. I
> received the following from a friend:
>
>
> Not sure you've heard of this incident? - Better be safe than sorry!
>
> This incident happened to a colleague recently. A bad experience indeed.
> He received a call from someone claiming to be calling from Safaricom. The
> caller was very composed.
> The caller told him "thank you for being our loyal and valuable MPESA
> customer. You recall we had initially given you a black SIM card but
> changed to green". He answered in the affirmative. The caller then went
> ahead to tell him that Safaricom was running a reward promotion scheme for
> their loyal MPESA customers and went ahead to ask him to confirm his
> National ID number and year of birth. Unsuspecting, he disclosed that
> information. Coincidentally his birth year was also his Mpesa Pin no.
> The guy posed for a while and asked him whether 19- - (say 1967) was his
> year of birth .He again answered in the affirmative.
> The caller then told him he would be sent Nokia 8230, but before then he
> needed to dial *33*0000#, which he did. He was then told not to call or
> transact anything using his line for the next ten minutes as they perform
> transactions, purportedly at Safaricom, facilitating the process of
> receiving the Nokia 8230 set. He complied. He is asked about his current
> location, which information he gives.
> After 10 minutes he tried to call back the number to confirm status of the
> alleged gift only for the following message to appear "Barring all outgoing
> calls activated for SMS services activated for all data circuit async".
> After 15 minutes the wife calls him on his alternate line claiming that
> someone had called her using his (husband's) safaricom line telling her to
> send them Ksh.10,000 for his release from arrest. She is baffled and hence
> decides to use alternate line, only to discover he is safe and sound.
>
>
A case of sheer coincidence and utmost gullibility, typical of Kenyans.
As Dennis says, this is simple social engineering attack.
Their other *modus operandi* is they send you a fake M-PESA message and
call you shortly after, telling you that they sent the money to you by
mistake and proceed to request you to just (and kindly) agree to send the
money back to them (instead of calling M-PESA help line to do the
reversing). I remember one such guy even prodded me to deduct *kitu
kidogo*for my soda and send him the rest.
However, I do agree with you that there could be connivance from inside
Safaricom. When they "visited" me with their trick, I received two fake
M-PESA texts on the same day. I happened to have over 30,000 on M-PESA at
that point in time. So, yes, there must be moles planted by them inside
Safaricom. Afterall, aren't the Customer Care people not just those Call
Centre staff???
--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254733744121/+254722743223
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
I can't hear you -- I'm using the scrambler.
Please consider the environment before printing this email.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20111111/6aea0b88/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 652 bytes
Desc: not available
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20111111/6aea0b88/attachment.png>
More information about the KICTANet
mailing list