Tag: fraud

Source: MyBroadband

If your bank card gets stolen and you cancel it, this does not automatically mean that all payments from it will be blocked.

This was the case when two FNB customers contacted MyBroadband about their frustrating experiences with the bank.

The customers both had their FNB bank cards stolen in different scenarios – and both contacted FNB to have their cards cancelled.

Despite cancelling the cards, both users noted small payments still going off their bank accounts via card transactions.

The charges were toll gate fees.

In one case, the customer reportedly asked FNB why the cancelled card could still make transactions. He said he was told by FNB that he would have to blacklist the card, on top of cancelling it, to stop the transactions.

In the other case, the customer stated that all he could do was get a refund for the toll gate fees.

This customer subsequently contacted the toll gates where his card was being used to ask them to block transactions on it.

He also managed to obtain an image of the vehicle using his stolen card – it was a white Toyota minibus taxi with a Gauteng registration.

FNB responds
MyBroadband contacted FNB for feedback on the matter, and the bank confirmed that the bank cards were cancelled as described above.

“Unfortunately, due to toll gate merchants operating in an offline environment, this prevents them from obtaining authorisation from the bank for transactions of this nature. As a result, additional transactions were posted,” said FNB.

“The customer will not incur any loss resulting from fraud in this scenario.”

FNB was asked what a bank customer should do to ensure their cancelled card is not used to make these types of transactions, but the bank did not provide feedback.

Offline transactions
According to PASA (Payments Association of South Africa) documents, lost and stolen card fraud at toll gates has been highlighted as a significant concern in recent years.

“Although toll card transactions are a card present transaction, fast throughput of vehicles is important and transactions are thus processed in an offline and delayed manner – cleared in batch,” states PASA.

“Importantly, unlike any other offline card present card transactions, toll gate transactions are not verified by the cardholder in any way.”

It added that while toll gate transactions are checked against the “Hot Card” file, this “only contains a limited number of all lost and stolen card details”.

By Bryan Smith for Coin Insider 

Eran Eyal, a South African-educated technology entrepreneur who now lives in the US, is facing criminal charges in the New York for allegedly stealing more than US$600 000 from investors.

According to a new release from New York Attorney General Barbara Underwood, South African Eran Eyal – former CEO of Springleap and incumbent CEO of Shopin – has formally been charged with fraudulently soliciting investors, making false representations, and for computer crimes during his tenure with the former company.

Underwood’s statement outlines that Eyal allegedly stole as much as $600,000 USD from investors by ‘fraudulently soliciting investors’ to ‘purchase convertible notes through false representations of his company.’

In a statement to the press, Underwood outlined that “As we allege, this massive securities fraud scheme bilked investors out of hundreds of thousands of dollars… Defrauding New Yorkers through false representations and fabrications about a business will not be tolerated by my office – and we’ll continue to do what it takes to root out and prosecute securities fraud.”

Springleap – a global crowdsourcing company – has now been alleged to have made false representations about its management team and pool of professionals, and fabricated the existence of several senior staff members and an Advisory Board.

Further, Underwood’s office cites that Springleap’s community of over 180,000 creative professionals was fabricated by means of hiring a ‘freelance computer hacker to web-scrape computer data from a legitimate online portfolio website in order to obtain pedigree information for creative professionals to falsely inflate his existing list’.

In cryptocurrency circles, Eyal serves as the CEO and founder of Shopin – a platform touting itself as the “world’s first decentralized shopper profile built on the blockchain.”

Shopin concluded its private pre-sale on January 27th this year, reportedly raising as much as $10 million USD. The platform claims to have raked in $32.5 million USD through its public pre-sale on March 30th, and apparently concluded its token generation event with a total of $42.5 million USD.

Eyal faces no charges for his activities or role with Shopin.

As Underwood’s office outlines, Eyal presently faces three counts of Grand Larceny in the Second Degree, one count of Grand Larceny in the Third Degree, one count of Unlawful Duplication of Computer Related Material in the First Degree, one count of Criminal Possession of Computer Related Material), one count of Scheme to Defraud in the First Degree, and four counts of Securities Fraud under the Martin Act. If convicted, Eyal would face between five to fifteen years in prison.

Eyal has not made public comment since the announcement of his indictment, while Shopin itself has not issued public word on the charges laid against its CEO at press time.

By Adiel Ismail for Fin24 

Goliath and Goliath CEO Kate Goliath is encouraging small businesses to ramp up security measures after her comedy and entertainment agency fell victim to invoice intercepting as a result of e-mail hacking.

Goliath and Goliath is out of pocket to the tune of more than R300 000, while its subsidiary The PR Bailiff has been scammed out of R20 000.

The hackers gained access to the company’s emails and requested clients to make payments to a different bank account.

Goliath told Fin24 that small businesses shouldn’t just rely on tech companies to educate them about cybercrime.”Find out as much information about how hackers get into the systems so that you are aware of what service providers need to offer,” she said.

“Be vigilant. Protect your business and insure the technical side of your business as well.”

The company opened a case with the police and is in the process of sending a subpoena to the bank where the funds have been deposited.

Afrihost said it will work with the police to further investigate the incident. “We strongly believe this was a case of phishing,” a representative told Fin24.

Entertainment and media high risk for cybercrime

“We have noticed that some banks are posting warnings before a client makes a payment to verify that the bank details they’re using are correct. We assume that this is because of an increase in these types of phishing attacks.”

Cyber incidents rank top in the entertainment and media, financial services, technology and telecommunications industries, according to the Allianz Risk Barometer 2018.

The report revealed that cyber incidents remain a top threat with 38% of responses for South African businesses, which is reported to lose billions of rands a year to cyber attacks.

The three Goliaths – Jason, Donovan and Nicholas – do stand-up comedy and entertains at workshops, conferences, award ceremonies and events.

Craig Rosewarne, Managing Director at Wolfpack Information Risk, which is a threat intelligence firm that specialises in understanding and predicting cyber threats, said small and medium businesses are just as vulnerable as big businesses when it comes to hacking.

“Their challenge however is that security is often the last thought until they get stung and end up either losing a substantial amount of money or leaking their customer’s sensitive data,” he told Fin24.

Wolfpack has assisted many small and medium sized businesses whose invoices have been hacked, said Roseware. In this regard it has found three common causes:

1. Attackers will perform reconnaissance on key individuals in IT / Finance / Execs and send a targeted spear phishing email to target their machines for access or further information

2. Spyware is loaded on their devices that record keystrokes and take screenshots for the attacker

3. Compromising their online hosting / email platform and adding in rules for any email that has the word “invoice” or “payment” – to send a duplicate email to the attacker’s gmail or “burner” account.

Tips for companies

Roseware suggested that companies under attack should conduct an independent risk assessment and obtain guidance on how to mitigate risk.

“Employees should also be made aware of risks and this should be backed up with an information security policy signed by staff and contractors.”

He also stressed the importance of having up to date anti-malware software on all devices that process sensitive information.

Cyber risk is fast becoming the number one risk facing countries, governments and organisations, noted Roseware.

“In all of these scenarios it often boils down to an individual that gets compromised so cyber awareness is key in both your business and personal lives.”

Six property scams to avoid

A recent article by Business Tech highlights the leading property scams to avoid.

Engel & Völkers singled out the most predominant property scams you may encounter while searching to buy or rent property:

1. Intercepted emails

This involves scammers, hacking into the email of people involved in the transactions, such as agents or lawyers, by tricking home buyers into wiring funds to them instead of the appropriate parties. They often will use a generic email address indicating that the funds should be wired to a specific account which will then vanish without a paper trail.

2. Fraudsters posing as a buyer

They will approach a seller privately and show keen interest in the property and put in an offer. After a few days, the supposed buyer will contact the seller asking for a document to be signed to help them get their home loan approved, which the seller then signs without reading too much of the document only to discover later that a third party claims to have bought the home.
It will be found that the scam artist (the first buyer) has been marketing the home online as an agent, by taking the photos off various websites, and has found a buyer who is also unaware that something is wrong – and who might have paid a large deposit over to the supposed agent.

3. Identity theft

Criminals have become much more experienced and are using stolen identity details not only to empty bank accounts but to obtain various credit accounts and even home loans. They are able to delay detection of the fraud for long periods while the unpaid bills and instalments mount up.

The scammer will use false documents to pose as the property owner, register forged documents transferring a property to their name, and then get a new mortgage against the property. After securing a mortgage or line of credit, the criminal takes the cash and disappears.

4. Bait and switch scheme

This occurs when a prospective buyer offers an ‘above market value’ price to a seller. The seller, impressed by the high offer signs the contract, meanwhile the deceitful buyer has no intention to purchase the property.

Once the seller signs the contract, the seller may only sell to that buyer for a specified time, when that time ends the fraudster asks to extend the contract a few weeks to work out closing details. Sounding reasonable, the seller agrees to the extension blinded by the high offer.

In the meantime the seller keeps paying taxes, maintenance, utilities and insurance the buyer comes back to the seller with an excuse as to why this price no longer works, and requests a reduction to below market value and threatens to cancel if their demand is not met. Stressed by time and on-going costs, the seller agrees to the reduction.

5. Duplicated listings

“Agents” copy legitimate rental listings and advertise for a much cheaper price. Unfortunately, many people fall for these fake listings and wire money to the owners of these fake listings.

6. Fake rental agents

When you find a property you really like, you call the agent to arrange a viewing and they say they will meet you there. Later they call and say they won’t be able to make it anymore, but no need to worry the landlord will be there to show you around. The agent then promises to negotiate a lower price with the landlord.

When you arrive at the house you find many other people interested in renting the same place. You call the agent back to negotiate a better price that you’re happy with; they will phone you back shortly to inform you of the new price, all you have to do is transfer the money for the first two months to secure the place.

On moving day, you find someone else is moving in and the agent wasn’t an agent; they just found the property online and reposted it with their own contact information. They purposely send several people at a time to view the property to generate a sense of urgency for the potential renters.

Avoid becoming a victim

  • Be wary when you are requested to make a payment for something minor like a credit check or security deposit, in most cases, there’s nothing you can do to get your money back because the scammer can’t be tracked.
  • If the price looks too good to be true, it probably is. Prices are considerably higher than they were a few years ago.
  • The email sounds strange – some listings hide the email address when you send a message, so you might not be able to see the address if you respond to the listing. Scammers usually use free email servers and they’ll often go by a series of random letters to make them less easily traceable.
  • The agent won’t show you the property – If you ask to see the property and they claim it’s impossible, it’s probably a fake listing. Agent will make time for people who are interested in the property.
  • The seller pushes you – the faster a scammer gets you to agree to a business deal, the faster they can steal your money and avoid getting caught. The seller will often use high-pressure tactics that attempt to push you into acting quickly in order to purchase the home. Don’t be prodded by any seller to send money.
  • The seller asks you to wire money – when you see the term “wire money” or similar variation of that phrase come up in a business conversation with someone you’ve never met, red flags should go up. Many scams entail wiring of funds because it’s more difficult to trace and enables the scammer to collect the money sooner. Scammers will come up with a variety of plausible reasons why the money should be wired rather than sent through a bank or lawyer.
  • The buyer or seller is foreign and wants to buy a home unseen – most people want to at least see a property and become familiar with the area before making a large investment. This doesn’t mean you should be wary of all foreign inquiries, but many scams often occur overseas because it’s harder to trace the person behind the fraud. Foreign buyers who don’t ask questions, act in haste, and don’t care to see the property indicate a high likelihood of fraud.
  • Be well informed about market related prices within the area you are looking to rent or buy. If a property is advertised way below the market related price for that area it should raise your concerns.
  • If you found a “bargain” online you should call the estate agency to find out if the deal is for real. Don’t call the number at the bottom of the ad because this number could lead to a fake office. Rather find the actual office number, call there and ask the receptionist to give you the number of the specific agent or branch you are looking for.
  • Be wary of agents and landlord who seem too eager or pushy to get you to live in their property or one they are marketing. A legit agent or landlord will always conduct the necessary checks and will not be too disappointed when you don’t show much interest in the property.
  • If the agent is constantly making up excuses as to why they are not able to meet you or show you the property, you should also be worried. The chances are good that they don’t have access to the property and are stalling for time until they can think of a clever way to get you to pay the deposit.
  • Never pay a deposit before you have viewed a property.

Source: Business Tech

Top tricks used by card fraudsters in SA

By Timothy Rangongo for Business Insider SA 
Source: South African Banking Risk Information Centre

The South African Banking Risk Information Centre (Sabric) has released its card fraud statistics for 2017.

South Africa’s banking industry was hit with a 1% increase in credit card fraud in 2017, which rose to R436.7 million, according to the latest report on card fraud.

Debit cards were the least hit by fraud, which declined by 8.5% to R342.2 million in the same period.

CEO of SABRIC, Kalyani Pillay, attributes the decrease in debit card fraud to a reduction in lost and/or stolen and counterfeit card fraud.
“Criminals are always adjusting their tactics to take advantage of innovations in the banking landscape.”

Sabric lists these as the trending types of fraud in South Africa:

Lost and/or stolen card fraud
In many cases lost and/or stolen cards are obtained by interfering with customers while transacting at an ATM; criminals distract victims by offering them assistance during which the card and PIN are obtained.
The card is then used repeatedly at ATMs until the daily cash withdrawal limit on the card is reached, after which high value transactions are made at merchants.

Not-received issued-card fraud
Here, criminals intercept a genuinely-issued card before it reaches the customer.

False-application card fraud
Accounts are opened by falsifying a credit applications.

Counterfeit card fraud
Counterfeit cards are made using information stolen from the magnetic strip of a genuine card, usually through card skimming.

Card-skimming via Point of Sale (POS) devices
The first POS skimming devices were retrieved in South Africa in 2014, according to Sabric. Criminals steal legitimate POS devices from merchants and then convert them into skimming devices. In some instances, devices are swapped between different merchants to make it seem as if all devices are accounted for.

Account-takeover card fraud
The common denominator for both account-takeover fraud and false-application fraud is access to the personal information of victims. Takeovers are done by obtaining personal or client-specific information, pretending to be the client and then applying for a replacement card.

Card not present card fraud (CNP)
These transactions are done via telephone or internet. Criminals source card data in various ways such as phishing, vishing, malware, and data breaches.

How you can protect yourself against card fraud:

  • Don’t disclose personal information such as passwords and PINs when asked to do so by anyone via telephone, fax, or even email
  • Don’t write down PINs and passwords, and avoid obvious choices like birth dates and first names
  • Don’t use any Personal Identifiable Information (PII) as a password, user ID, or personal identification number (PIN)
  • Don’t use internet cafes or unsecured terminals (hotels, conference centres etc.) to do your banking
  • Review your account statements on a timely basis and query disputed transactions with your bank immediately
  • When shopping online, only place orders with your card on secure websites
  • Do not send e-mails that quote your card number and expiry date
  • Ensure that you get your own card back after every purchase
  • Report lost and stolen cards immediately
  • If you have a debit, cheque and credit card, don’t choose the same PIN for all of them. If you lose one, the others will still be safe
  • While transacting always keep an eye on the ATM card slot to ensure that your card is not taken out, skimmed, and replaced without your knowledge
  • Should your card be retained by an ATM, contact your bank and block your card before you leave the ATM
  • Subscribe to your bank’s SMS notification services to inform you of any transactional activity on your account

 

Stock losses, fraud not top-of-mind in SA

South African businesses need a different mindset to address ongoing stock losses and fraud.

In the absence of a “proper” risk mitigation plan and loss control blueprint, South African business owners will never really address the critical levels of theft and fraud impacting on our economy, according to commercial investigator and international risk consultant, Kyle Condon (Managing Director at D&K Management Consultants).

“Experience has taught me that trust and effective loss control do not go together. We live in a society that has criminal presence constantly lurking around us. Old style security measures and trusting of everybody have left businesses open to losses like an open wound exposed to a sewer. Employees need to be watched continuously and loss control tactics need to be revised to accommodate this,” says Condon.

With many businesses operating on shoe-string budgets, security is often one of the first things to go. Ironically, says Condon; “it should be one of the portfolios that get additional budget assistance. When, companies cut security, those employees that were always dissuaded from going through with criminal action often go over the edge and ‘raid the cookie jar’.”

While South Africa has one of the most corrupt governments sketched on the political portrait, expecting every employee to behave in a moral honest way is far from realistic. We see what our leaders do and follow suit.

Sadly, most companies choose to ignore this red flag and continue to fool themselves into believing that the presence of a uniformed security officer or two is adequate to prevent and deal with internal criminal activity. Condon believes that “old school” security is a thing of the past. “It is time we accept that our businesses, like our homes, require proper defences,” states Condon.

So, what exactly does this mean?

“Our business sector has major structural employment weaknesses, due largely to political pressures, window-dressed appointments and fear of union retribution, this has led to a breakdown of strong policies and procedures that existed in the past. Many managers are just too afraid to confront the issues or speak out in fear of being branded or painted with the race brush. And, as a result, policies and zero tolerance are eroded. Unions have gained a lot of power, often holding companies to “ransom” when it comes to enforcing strong security measures. Polygraphs, for example, are always declined by Union reps, searching procedures get labelled as an invasion of one’s privacy, etc. Old school security methods have been watered down to create a mere ‘illusion of loss control’,” he says.

Modern day loss control and security plans must include the following key concepts:

• Internal investigation specialists (undercover agents) deployed as, I like to say, ‘modern day spies’.
• Quarterly sweeping and debugging of executive offices and meeting rooms.
• Strike action plans, designed specifically for the individual company and its employees to provide proper Duty of Care during strike action.
• Alignment with a reputable forensic investigator or company who understands the methods, methodology and principles of fraud and financial crimes, in the workplace.
• Thorough pre-employment screening of new candidates, including checking of criminal records through fingerprinting.
• A steadfast CCTV viewing plan conducted off site by an independent viewer, providing monthly viewing reports covering all aspects of risky behaviour, suspicious actions and overall health and safety concerns.
• Travel risk reports, for employees traveling to potentially hostile environments both locally and internationally. This would include arranging VIP protection, where needed.
• Annual security surveys to address all shortcomings of the physical security measures of the business.
• Due diligence must become part and parcel of the sales teams’ portfolios, before stock or material leaves for suspicious clients an investigation unit should first check out that all is above-board, and that you are not being scammed.
• Handing over the time consuming and demanding security portfolio to a dedicated and qualified loss control manager.

“I do not agree with companies splitting up the security portfolio and contracting various players for various things. Managing this portfolio is a job that requires full time participation. This is exactly what D&K Management Consultants does for its clients. We provide the correct expertise in one unique portfolio designed around modern-day risk,” says Condon.

“We are in many ways a country at war with itself, and business is not spared any of the risks that a ‘war’ environment brings. Therefore, defending your company requires a modern day ‘warfare’ approach. Intelligence, logic, expertise and strategy have replaced uniforms, guns and electric fences to a large extent”, Condon says, as he smiles.

PC distributor Mustek is assisting the City of Johannesburg (COJ) in a case where the city paid R6-million for 500 desktop computers to a service provider but the PCs were never delivered to the municipality.

In a statement, COJ mayor Herman Mashaba says he was informed that the city paid R6 million for 500 desktop computers that were ordered by the Group Information Communication Technology (GICT) department in 2014 but they were never delivered.

Opposition party the Democratic Alliance took over COJ from the ANC in August 2016. Mashaba, who took over the reins from the ANC’s Parks Tau, has publicly announced he intends to rid the city of corruption, which he blames on the previous administration.

Tip-off

According to Mashaba, the Group Forensic and Investigation Service (GFIS) received a tip-off from a member of the public who is closely linked to the service provider, saying that while she was working at the company, the city placed an order for 500 desktop computers.

It’s not clear which desktop PCs the city purchased but at retailer Incredible Connection, they range from R5 000 to R18 000. In the R6 million deal, the city paid R12 000 per computer.

Mashaba explains the computers were paid for with the assistance of officials working for the city but never reached the city.

The service provider, which is based in the south of Johannesburg, provides office supplies such as desktop computers, laptops, printer cartridges and toners, to name a few, he says.

A search and seizure operation was conducted this week by the members of the Hawks and officials from GFIS at the offices of the service provider.

Mashaba explains that about 37 computers worth R750 000 belonging to the city were seized during a joint operation.

He explains it is alleged that after winning the tender to supply the computers, the service provider placed an order with PC distributor Mustek to do the city’s imaging on the computers.

This was standard procedure, says Mashaba. “But with this batch, it is alleged that when he received it from Mustek, the service provider and his specialists in the information technology filed to remove the city’s imaging. Serial numbers of the seized computers were removed.”

In a statement sent to ITWeb, Mustek says: “In terms of Mustek’s distribution model, Mustek on-sells its products to its approved dealers, who then on-sell to end-users and public sector customers.

“Accordingly, we cannot comment on what transpired between the service provider and the City of Johannesburg. However, we are assisting the City of Johannesburg with their investigation of this matter.”

Preliminary investigations
It is alleged that most of the computers were sold to other clients and the 37 seized were used by the service provider’s staff members, Mashaba says.

He points out that preliminary investigations into the matter revealed that a city official was paid R1 million by the service provider for securing the deal for it. The city official allegedly took one official working for the service provider to a shop in the south which sells building material and spent R30 000 as a token of appreciation to the official, he adds.

“I was also informed that the service provider colludes with one of our officials who steals printer cartridges from our stores and sells them to the service provider who then sells it back to the city. When the team arrived at the property, they found one employee removing serial numbers from the boxes of the cartridges which had names of other municipalities and government departments.”

The team also established that the service provider illegally connected electricity supply to the property. City Power officials were called in and they removed the meter.

“The GFIS is currently conducting a number of investigations into contracts entered with ICT suppliers. I want to eliminate corrupt elements throughout the city, including investigating illicit deals and contracts that were secured by the previous administration and this includes our technology space,” concludes Mashaba.

By Admire Moyo for ITWeb 

Steinhoff raises R7.1bn from sale of PSG shares

Steinhoff International raised R7.1bn billion of shares in South African financial services firm PSG, the latest in a line of disposals aimed at shoring up the retailer’s battered balance sheet.

The owner of Mattress Firm in the U.S. and Poundland in the UK placed almost 29.5 million shares in Stellenbosch, South Africa-based PSG with institutional investors, Steinhoff said in a statement Monday. That’s on top of the 20.6 million PSG shares sold late last year at the start of an accounting scandal that’s wiped out most of its market value.

“This is positive for Steinhoff as it will secure a decent bit of liquidity out of a fairly well-priced asset,” Alec Abraham, an analyst at Johannesburg-based Sasfin Securities, said by phone. “By selling out of a non-core asset, the company is better able to support its core, furniture businesses.”

The shares rose 3.7% as of 4:41 p.m. in Frankfurt, where Steinhoff moved its primary listing from Johannesburg in December 2015. PSG rose 0.2% by the close in the South African city to R254 rand, about 5.5% higher than the R240 price Steinhoff received for its stock. The retailer holds a 2.5% after the placement.

Steinhoff has been identifying non-core assets to sell while holding talks with lenders about providing financial support. The company said December 5 it had uncovered accounting irregularities and later announced it would have to restate accounts going back to 2015. Chief executive officer Markus Jooste and chairman and biggest shareholder Christo Wiese have both resigned.

The company earlier this year sold a luxury Gulfstream 550 private jet that had once been valued at $25m, while French unit Conforama has disposed of a 17% stake in online retailer Showroomprive for €79 million euros. That’s about half what it paid for the shares in May last year.

The PSG placing was carried out by PSG itself and the South African unit of Standard Bank.

Separately, Amsterdam Court’s Enterprise Chamber delayed a verdict on a case brought against Steinhoff by a former joint-venture partner until no later than February 19. It had been due to make a decision on the case Monday.

By Janice Kew and John Bowker for Bloomberg / Fin24

A new banking scam whereby fraudsters remotely take control of your PC over the Internet to gain access to consumer’s online banking profile is currently doing the rounds.

This is according to First National Bank (FNB), which alerted consumers about the latest festive season scam.

In a statement, FNB says fraudsters are sending unsuspecting consumers fake emails notifying them that fraud has occurred on their respective bank accounts’ or credit cards.

Soon after the email is sent the customer receives a call from a fraudster claiming to be from their bank and offers to help block any fraudulent transactions by first requesting the customer to install “protection” software on their computer, which allows the fraudster to gain full control of the computer remotely.

Kovelin Naidoo, cyber security officer at FNB, says fraudsters are employing carefully constructed scamming tactics that have the ability to trick even the most vigilant customer if they are not aware of the modus operandi.

“If someone calls you and requests your personal banking details or to install remote access software on your computer, please end the phone call and contact your banks’ fraud contact centre. FNB will never ask you to share your OTP to reverse pending transactions or to block your banking profile,” cautions Naidoo.

He adds: “As access to banking services through digital channels continues to grow, so does the prevalence of banking scams, therefore we urge consumers to always be vigilant and familiarise themselves with the different types of digital banking fraud, as well as the security measures provided by their respective banks.”

How fraudsters use the software to defraud consumers:

  • The fraudster calls the customer and offers to help them block any fraudulent transaction by asking him/her to download and install “protective” PC software.
  • The customer downloads the software, and with the help of the fraudster, installs it.
  • Once the software is installed, the fraudster asks the customer to log into his/her personal online banking profile.
  • After logging in, the customer’s computer goes blank. Shortly afterwards, he/she starts receiving OTP (one-time pin) SMS’ to confirm transactions he/she did not perform.
  • The fraudster then reassures the customer that these are fraudulent transactions and requests that he/she forwards the OTPs so that they can be blocked or reversed immediately.
  • The fraudster then uses the OTPs forwarded to him/her to process the pending transactions and defrauds the customer.

Source: IT Web

Fake WhatsApp affects millions of users

Around 1 million users have downloaded a fake version of WhatsApp which appeared on Google Play.

Reddit’s forum users noticed that it was a hoax. Users who didn’t notice this and downloaded the fake app ended up with a major amount of adverts rather than a messenger app.

According to Hacker News, the reason this spoof fooled so many people is because whoever created the App and who put it in the Play Store did so under the name “WhatsApp Inc”, which is the same name the maker of the world-famous app uses. However, Fortune Magazine says that it is not the most uncommon incident.

Fortune points out that when you search for “WhatsApp” on Google Play, it currently shows no fewer than seven spoof apps using slight variations on the developer name “WhatsApp Inc.”
All of them have four-star review averages, due to Play’s review system.

So remember to watch out before downloading off Google Play or ask a friend to send you the original App via file sharing apps such as SHAREit.

What happened?

WhatsApp fraudsters have tricked more than one million people into downloading a fake version of the chat app from the Google Play Store.

WhatsApp users downloaded the ‘Update WhatsApp Messenger’ from the Android app store as it looked it was from the company that makes the popular app.

The Google Play Store page for the fake app claimed the programme had been developed by WhatsApp Inc, the creators of the instant messaging app.

However, it was instead a fake app that contained adverts and download malicious software onto a user’s device.

The developers made it look like a legitimate app by using virtually the exact same name as the developer WhatsApp Inc.

However, they replaced a space that appeared in the name with a character that made the one defining difference look invisible.

This made it almost impossible for an Android smartphone user to detect the different between the real WhatsApp app and the fake version.

How to check if your WhatsApp is fake

To start with, go to Settings and then find the Apps section and click on WhatsApp.

Then under Store you should see the option to check the App Details.

This should then take you to the Google Play page which shows the app has been downloaded more than one billion times.

The developer for the app should be WhatsApp Inc and it should have a PEGI 3 rating.

If any of these details are different, alarm bells should be ringing and you should delete the app to find the official version.

You can also download an anti-virus to clean up any malicious software that may have been installed on your smartphone.

The news comes after over the weekend Express.co.uk warned about another fake app that had appeared on the Android app store.

The bogus programme appeared to be a fake version of the upcoming WhatsApp business app and was available to download from the Android app store.

Alerting users to the issue one Android user on Google Play complained that the app was full of adverts, while another claimed it was being used for “data theft”.

The fake app was flagged up by tweeter @MujtabaMHaq and WABetaInfo, a Twitter account about all things WhatsApp.

It has since been deleted from the Google Play Store.

Source: IOL; Dion Dassaayake for Express

Follow us on social media: 

               

View our magazine archives: 

                       


My Office News Ⓒ 2017 - Designed by A Collective


SUBSCRIBE TO OUR NEWSLETTER
Top