[kictanet] Sim card swap: How Farah Bashir lost Sh2.6m to fraudsters in hours

James Mbugua jgmbugua at gmail.com
Mon May 30 12:32:37 EAT 2022


Listers,

While education will be important, we can't run away from.the elephant in
the room; Safaricom's liability.

It strikes me that most of these stories involve Safaricom.

It is also true, that most people are mot sophisticated enough to even
understand how these fintech products work.

They therefore are entering into contacts of utmost good faith withthe
provider trusting that the provider will uphold their fiduciary duty.

To me this is a case of negligence on many levels and while contributory
negligence can be found on the subscriber for inadvertently providing their
details or being gullible, the responsibility to ensure the integrity of
the product is the privders'.

It is a pattern it seems that these heists are carried out immediately
after a SIM swap. What genius does it take to design the product that no
immediate financial transactions take place on the line after a SIM swap?
Or require personal visit to a shop to reactivate?

It is also not clear how these crooks are able to tell who has money or has
recently had money.

It is also not clear how and where they cash these embezzled funds that the
provider has not been able to identify.

To me the provider should be held culpable and should refund all those who
have lost money through these scams.

Regards,

JG

On Mon, 30 May 2022, 11:59 Adam Lane via KICTANet, <
kictanet at lists.kictanet.or.ke> wrote:

> I have reported several of the spam callers to Safaricom; I don’t know if
> they just block the numbers, or if they actually report to DCI and allow
> investigation and prosecution.
>
>
>
> If no-one gets prosecuted then this is a no-risk business model. If people
> get prosecuted then at least there is some risk/cost that must be
> considered compared to the potential revenue the scammers get…
>
>
>
> *From:* KICTANet [mailto:kictanet-bounces+adam.lane=
> huawei.com at lists.kictanet.or.ke] *On Behalf Of *Barrack Otieno via
> KICTANet
> *Sent:* Monday, May 30, 2022 11:30 AM
> *To:* Adam Lane <adam.lane at huawei.com>
> *Cc:* Barrack Otieno <otieno.barrack at gmail.com>
> *Subject:* Re: [kictanet] Sim card swap: How Farah Bashir lost Sh2.6m to
> fraudsters in hours
>
>
>
> Goodmorning Daktari,
>
>
>
> I am in agreement. Most of these attacks are purely Social Engineering
> moves and indeed they are on the rise and very persistent. We need to step
> up Consumer awareness and digital literacy, the fraudsters are evolving
> daily and becoming too sophisticated. Consumers should be encouraged to
> tighten their security. Two Factor Authentication is a good start. There is
> need for an evaluation on whether it is adequate, but Consumer Awareness
> which is believe is in CA's purview and Digital Literacy are key.
>
>
>
> Regards
>
>
>
> On Mon, May 30, 2022 at 11:20 AM Bitange Ndemo via KICTANet <
> kictanet at lists.kictanet.or.ke> wrote:
>
> Before we all panic, it is important to dissect the problem here from all
> sides.  My cousin, a teacher lost Ksh. 57,000 from his bank account. When
> he called me for help, I asked him many questions. It occurred to me that
> he had inadvertently given out his data to some unknown people disguising
> themselves as sales reps marketing a new offer from a competing
> telecommunications operator. In my view, we need to do the following: take
> the digital literacy program very seriously, sensitize citizens around data
> protection laws and leverage artificial intelligence (voice recognition for
> security purposes) for any withdrawal, especially among the very vulnerable
> in society.  Institutions like Kenya Power and Lighting Company (virtually
> every week I receive a fake call from "KPLC") should devise more secure
> ways of dealing with customers in the digital era.  Since most of the fraud
> is largely an inside job, much of the backend work should be automated.
>
>
>
> Ndemo
>
>
>
> On Mon, May 30, 2022 at 10:42 AM Deborah Wanjugu via KICTANet <
> kictanet at lists.kictanet.or.ke> wrote:
>
> Thank you for this article, Victor.
>
>
>
> This is quite frightening because prepaid customers on Safaricom cannot
> call 100 and get served by an agent (that was my experience which made me
> migrate back to postpaid).
>
>
>
> If the gentleman in this article acted as quickly as he possibly could and
> reached out to Safaricom on Twitter yet did not get the help he needed then
> something is terribly wrong with that online reporting system.
>
>
>
> I've noticed that when customer service agents respond on social media
> they respond based on their own perceptions and not what the client tells
> them. This isn't always the case and I'm not referring to Safaricom alone.
> As a random example I reported not having received my electricity bill to
> Kanya Power on Twitter. Instead of sending me my estimate, one of the
> agents asked for the nearest marker to my place so they could send
> technical support.
>
>
>
> Another problem is when you call to report fraud with your bank then they
> start asking you questions which feel irrelevant at the time. I once
> thought my card had been hacked so when I called to report it they asked me
> some silly questions. I don't remember what they were but I do remember
> being pissed and having to contain myself under the pressure.
>
>
>
> There needs to be a tightening of customer service particularly with
> respect to online fraud reporting.
>
>
>
> I don't know what other pieces need to be fixed. This is where my personal
> beef is.
>
>
>
> Deborah
>
>
>
> On Mon, May 30, 2022, 10:14 Victor Kapiyo via KICTANet <
> kictanet at lists.kictanet.or.ke> wrote:
>
> Morning Listers,
>
>
>
> In the news today:
>
>
>
> Farah Bashir is yet to come to terms with how his bank accounts were wiped
> clean by fraudsters, barely two days after he had landed in Johannesburg
> for a two-week assignment in February.
>
>
>
> He painfully recounted how he watched helplessly as Sh2.6 million was
> withdrawn by hackers in several transactions from his four different Absa
> Bank accounts between February 7 and February 9.
>
>
>
> Read more:
> https://nation.africa/kenya/news/sim-card-swap-how-farah-bashir-lost-sh2-6m-to-fraudsters-in-hours-3831356
>
>
>
> SIM Card fraud has been in the bees lately. The sums lost are pretty high.
> I bet there are many sad tales from individuals who've lost collasal
> amounts due to sim swap fraud.
>
>
>
> How come we're not able to contain this crimes? I wonder who's the weakest
> link here that needs to pull up their socks? It's really a big threat to
> our digital economy if we can't address this growing menace.
>
>
>
> Happy to hear your thoughts on this.
>
>
>
> Regards,
>
>
>
> Victor
>
>
>
>
>
> _______________________________________________
> KICTANet mailing list
> KICTANet at lists.kictanet.or.ke
> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
> Twitter: http://twitter.com/kictanet
> Facebook: https://www.facebook.com/KICTANet/
>
> Unsubscribe or change your options at
> https://lists.kictanet.or.ke/mailman/options/kictanet/deborah.wanjugu%40gmail.com
>
>
> KICTANet is a multi-stakeholder Think Tank for people and institutions
> interested and involved in ICT policy and regulation. KICTANet is a
> catalyst for reform in the Information and Communication Technology sector.
> Its work is guided by four pillars of Policy Advocacy, Capacity Building,
> Research, and Stakeholder Engagement.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people's times and bandwidth,
> share knowledge, don't flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>
> KICTANet - The Power of Communities, is Kenya's premier ICT policy
> engagement platform.
>
> _______________________________________________
> KICTANet mailing list
> KICTANet at lists.kictanet.or.ke
> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
> Twitter: http://twitter.com/kictanet
> Facebook: https://www.facebook.com/KICTANet/
>
> Unsubscribe or change your options at
> https://lists.kictanet.or.ke/mailman/options/kictanet/bndemo%40bitangendemo.me
>
>
> KICTANet is a multi-stakeholder Think Tank for people and institutions
> interested and involved in ICT policy and regulation. KICTANet is a
> catalyst for reform in the Information and Communication Technology sector.
> Its work is guided by four pillars of Policy Advocacy, Capacity Building,
> Research, and Stakeholder Engagement.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people's times and bandwidth,
> share knowledge, don't flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>
> KICTANet - The Power of Communities, is Kenya's premier ICT policy
> engagement platform.
>
> _______________________________________________
> KICTANet mailing list
> KICTANet at lists.kictanet.or.ke
> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
> Twitter: http://twitter.com/kictanet
> Facebook: https://www.facebook.com/KICTANet/
>
> Unsubscribe or change your options at
> https://lists.kictanet.or.ke/mailman/options/kictanet/otieno.barrack%40gmail.com
>
>
> KICTANet is a multi-stakeholder Think Tank for people and institutions
> interested and involved in ICT policy and regulation. KICTANet is a
> catalyst for reform in the Information and Communication Technology sector.
> Its work is guided by four pillars of Policy Advocacy, Capacity Building,
> Research, and Stakeholder Engagement.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people's times and bandwidth,
> share knowledge, don't flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>
> KICTANet - The Power of Communities, is Kenya's premier ICT policy
> engagement platform.
>
>
>
> --
>
> Barrack O. Otieno
> +254721325277
> +254733206359
> Skype: barrack.otieno
> PGP ID: 0x2611D86A
>
>
>
> _______________________________________________
> KICTANet mailing list
> KICTANet at lists.kictanet.or.ke
> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
> Twitter: http://twitter.com/kictanet
> Facebook: https://www.facebook.com/KICTANet/
>
> Unsubscribe or change your options at
> https://lists.kictanet.or.ke/mailman/options/kictanet/jgmbugua%40gmail.com
>
>
> KICTANet is a multi-stakeholder Think Tank for people and institutions
> interested and involved in ICT policy and regulation. KICTANet is a
> catalyst for reform in the Information and Communication Technology sector.
> Its work is guided by four pillars of Policy Advocacy, Capacity Building,
> Research, and Stakeholder Engagement.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people's times and bandwidth,
> share knowledge, don't flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>
> KICTANet - The Power of Communities, is Kenya's premier ICT policy
> engagement platform.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20220530/fcdb77b2/attachment.htm>


More information about the KICTANet mailing list