<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:SimSun;
panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"\@SimSun";
panose-1:2 1 6 0 3 1 1 1 1 1;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:SimSun;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 70.85pt 70.85pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="ZH-CN" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.5pt;font-family:"Calibri",sans-serif;color:#1F497D">I have reported several of the spam callers to Safaricom; I don’t know if they just block the numbers, or if they actually report to DCI and allow
investigation and prosecution. <o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.5pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.5pt;font-family:"Calibri",sans-serif;color:#1F497D">If no-one gets prosecuted then this is a no-risk business model. If people get prosecuted then at least there is some risk/cost that must be considered
compared to the potential revenue the scammers get…<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.5pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri",sans-serif"> KICTANet [mailto:kictanet-bounces+adam.lane=huawei.com@lists.kictanet.or.ke]
<b>On Behalf Of </b>Barrack Otieno via KICTANet<br>
<b>Sent:</b> Monday, May 30, 2022 11:30 AM<br>
<b>To:</b> Adam Lane <adam.lane@huawei.com><br>
<b>Cc:</b> Barrack Otieno <otieno.barrack@gmail.com><br>
<b>Subject:</b> Re: [kictanet] Sim card swap: How Farah Bashir lost Sh2.6m to fraudsters in hours<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<div>
<div>
<p class="MsoNormal"><span lang="EN-US">Goodmorning Daktari,<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">I am in agreement. Most of these attacks are purely Social Engineering moves and indeed they are on the rise and very persistent. We need to step up Consumer awareness and digital literacy, the fraudsters are evolving
daily and becoming too sophisticated. Consumers should be encouraged to tighten their security. Two Factor Authentication is a good start. There is need for an evaluation on whether it is adequate, but Consumer Awareness which is believe is in CA's purview
and Digital Literacy are key.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">Regards<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<div>
<div>
<p class="MsoNormal"><span lang="EN-US">On Mon, May 30, 2022 at 11:20 AM Bitange Ndemo via KICTANet <<a href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a>> wrote:<o:p></o:p></span></p>
</div>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0cm 0cm 0cm 6.0pt;margin-left:4.8pt;margin-right:0cm">
<div>
<p class="MsoNormal"><span lang="EN-US">Before we all panic, it is important to dissect the problem here from all sides. My cousin, a teacher lost Ksh. 57,000 from his bank account. When he called me for help, I asked him many questions. It occurred to me
that he had inadvertently given out his data to some unknown people disguising themselves as sales reps marketing a new offer from a competing telecommunications operator. In my view, we need to do the following: take the digital literacy program very seriously,
sensitize citizens around data protection laws and leverage artificial intelligence (voice recognition for security purposes) for any withdrawal, especially among the very vulnerable in society. Institutions like Kenya Power and Lighting Company (virtually
every week I receive a fake call from "KPLC") should devise more secure ways of dealing with customers in the digital era. Since most of the fraud is largely an inside job, much of the backend work should be automated.<o:p></o:p></span></p>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">Ndemo<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<div>
<div>
<p class="MsoNormal"><span lang="EN-US">On Mon, May 30, 2022 at 10:42 AM Deborah Wanjugu via KICTANet <<a href="mailto:kictanet@lists.kictanet.or.ke" target="_blank">kictanet@lists.kictanet.or.ke</a>> wrote:<o:p></o:p></span></p>
</div>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0cm 0cm 0cm 6.0pt;margin-left:4.8pt;margin-right:0cm">
<div>
<p class="MsoNormal"><span lang="EN-US">Thank you for this article, Victor. <o:p></o:p></span></p>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">This is quite frightening because prepaid customers on Safaricom cannot call 100 and get served by an agent (that was my experience which made me migrate back to postpaid). <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">If the gentleman in this article acted as quickly as he possibly could and reached out to Safaricom on Twitter yet did not get the help he needed then something is terribly wrong with that online reporting system. <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">I've noticed that when customer service agents respond on social media they respond based on their own perceptions and not what the client tells them. This isn't always the case and I'm not referring to Safaricom alone.
As a random example I reported not having received my electricity bill to Kanya Power on Twitter. Instead of sending me my estimate, one of the agents asked for the nearest marker to my place so they could send technical support.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">Another problem is when you call to report fraud with your bank then they start asking you questions which feel irrelevant at the time. I once thought my card had been hacked so when I called to report it they asked me
some silly questions. I don't remember what they were but I do remember being pissed and having to contain myself under the pressure.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">There needs to be a tightening of customer service particularly with respect to online fraud reporting.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">I don't know what other pieces need to be fixed. This is where my personal beef is. <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">Deborah<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<div>
<div>
<p class="MsoNormal"><span lang="EN-US">On Mon, May 30, 2022, 10:14 Victor Kapiyo via KICTANet <<a href="mailto:kictanet@lists.kictanet.or.ke" target="_blank">kictanet@lists.kictanet.or.ke</a>> wrote:<o:p></o:p></span></p>
</div>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0cm 0cm 0cm 6.0pt;margin-left:4.8pt;margin-right:0cm">
<div>
<p class="MsoNormal"><span lang="EN-US">Morning Listers,<o:p></o:p></span></p>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">In the news today:<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">Farah Bashir is yet to come to terms with how his bank accounts were wiped clean by fraudsters, barely two days after he had landed in Johannesburg for a two-week assignment in February.<o:p></o:p></span></p>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">He painfully recounted how he watched helplessly as Sh2.6 million was withdrawn by hackers in several transactions from his four different Absa Bank accounts between February 7 and February 9.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">Read more: <a href="https://nation.africa/kenya/news/sim-card-swap-how-farah-bashir-lost-sh2-6m-to-fraudsters-in-hours-3831356" target="_blank">
https://nation.africa/kenya/news/sim-card-swap-how-farah-bashir-lost-sh2-6m-to-fraudsters-in-hours-3831356</a><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">SIM Card fraud has been in the bees lately. The sums lost are pretty high. I bet there are many sad tales from individuals who've lost collasal amounts due to sim swap fraud. <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">How come we're not able to contain this crimes? I wonder who's the weakest link here that needs to pull up their socks? It's really a big threat to our digital economy if we can't address this growing menace. <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">Happy to hear your thoughts on this. <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">Regards,<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">Victor<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US">_______________________________________________<br>
KICTANet mailing list<br>
<a href="mailto:KICTANet@lists.kictanet.or.ke" target="_blank">KICTANet@lists.kictanet.or.ke</a><br>
<a href="https://lists.kictanet.or.ke/mailman/listinfo/kictanet" target="_blank">https://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><br>
Twitter: <a href="http://twitter.com/kictanet" target="_blank">http://twitter.com/kictanet</a><br>
Facebook: <a href="https://www.facebook.com/KICTANet/" target="_blank">https://www.facebook.com/KICTANet/</a><br>
<br>
Unsubscribe or change your options at <a href="https://lists.kictanet.or.ke/mailman/options/kictanet/deborah.wanjugu%40gmail.com" target="_blank">
https://lists.kictanet.or.ke/mailman/options/kictanet/deborah.wanjugu%40gmail.com</a><br>
<br>
<br>
KICTANet is a multi-stakeholder Think Tank for people and institutions interested and involved in ICT policy and regulation. KICTANet is a catalyst for reform in the Information and Communication Technology sector. Its work is guided by four pillars of Policy
Advocacy, Capacity Building, Research, and Stakeholder Engagement.<br>
<br>
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or
qualifications.<br>
<br>
KICTANet - The Power of Communities, is Kenya's premier ICT policy engagement platform.<o:p></o:p></span></p>
</blockquote>
</div>
<p class="MsoNormal"><span lang="EN-US">_______________________________________________<br>
KICTANet mailing list<br>
<a href="mailto:KICTANet@lists.kictanet.or.ke" target="_blank">KICTANet@lists.kictanet.or.ke</a><br>
<a href="https://lists.kictanet.or.ke/mailman/listinfo/kictanet" target="_blank">https://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><br>
Twitter: <a href="http://twitter.com/kictanet" target="_blank">http://twitter.com/kictanet</a><br>
Facebook: <a href="https://www.facebook.com/KICTANet/" target="_blank">https://www.facebook.com/KICTANet/</a><br>
<br>
Unsubscribe or change your options at <a href="https://lists.kictanet.or.ke/mailman/options/kictanet/bndemo%40bitangendemo.me" target="_blank">
https://lists.kictanet.or.ke/mailman/options/kictanet/bndemo%40bitangendemo.me</a><br>
<br>
<br>
KICTANet is a multi-stakeholder Think Tank for people and institutions interested and involved in ICT policy and regulation. KICTANet is a catalyst for reform in the Information and Communication Technology sector. Its work is guided by four pillars of Policy
Advocacy, Capacity Building, Research, and Stakeholder Engagement.<br>
<br>
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or
qualifications.<br>
<br>
KICTANet - The Power of Communities, is Kenya's premier ICT policy engagement platform.<o:p></o:p></span></p>
</blockquote>
</div>
<p class="MsoNormal"><span lang="EN-US">_______________________________________________<br>
KICTANet mailing list<br>
<a href="mailto:KICTANet@lists.kictanet.or.ke" target="_blank">KICTANet@lists.kictanet.or.ke</a><br>
<a href="https://lists.kictanet.or.ke/mailman/listinfo/kictanet" target="_blank">https://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><br>
Twitter: <a href="http://twitter.com/kictanet" target="_blank">http://twitter.com/kictanet</a><br>
Facebook: <a href="https://www.facebook.com/KICTANet/" target="_blank">https://www.facebook.com/KICTANet/</a><br>
<br>
Unsubscribe or change your options at <a href="https://lists.kictanet.or.ke/mailman/options/kictanet/otieno.barrack%40gmail.com" target="_blank">
https://lists.kictanet.or.ke/mailman/options/kictanet/otieno.barrack%40gmail.com</a><br>
<br>
<br>
KICTANet is a multi-stakeholder Think Tank for people and institutions interested and involved in ICT policy and regulation. KICTANet is a catalyst for reform in the Information and Communication Technology sector. Its work is guided by four pillars of Policy
Advocacy, Capacity Building, Research, and Stakeholder Engagement.<br>
<br>
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or
qualifications.<br>
<br>
KICTANet - The Power of Communities, is Kenya's premier ICT policy engagement platform.<o:p></o:p></span></p>
</blockquote>
</div>
<p class="MsoNormal"><span lang="EN-US"><br clear="all">
<br>
-- <o:p></o:p></span></p>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-US">Barrack O. Otieno<br>
+254721325277<br>
+254733206359<br>
Skype: barrack.otieno<br>
PGP ID: 0x2611D86A<br>
<br>
<br>
<br>
<o:p></o:p></span></p>
</div>
</div>
</body>
</html>