Fraud and identity theft in your neighbourhood

There are two scams doing the rounds which I heard about this last week. Both show how intricate and advanced these schemes are becoming.

Spoofing customers

In this first one, a colleague of mine was contacted by a person purporting to be from a firm of attorneys he invoiced for work he did. He had sent an invoice to this firm over Docex, a document delivery service run by the Post Office. The caller quoted my colleague reference details from the invoice and the caller said he had overpaid an amount into my colleague’s bank account in error and asked for the difference to be repaid.

My colleague checked his bank account and sure enough, there was a large payment into his account, far more than the amount he invoiced. The caller was pretty insistent that the money be paid back straight away by EFT. My colleague instead wrote out a cheque and told the caller he could collect it from his office, which the caller never did. In a day or two the payment into his account was cancelled and marked as “unpaid”. It was presumably a bogus cheque payment which bounced. My colleague confirmed the whole thing was a scam when he called the attorney directly and found that the attorney whose alleged representative called him, knew nothing of this.

Spoofing a mobile network

This next one is even more intricate. A customer was called by someone purporting to be from Cell C and was told that he, the caller, was tracking down some fictitious fraudsters who cloned Customer’s mobile phone. Caller told Customer to turn off his mobile phone so Caller could track the fictitious fraudsters, which Customer eventually did. Caller’s buddies, in the meantime, hijacked Customer’s office line at the Telkom exchange/box and rerouted his calls to another number.

At the same time more of Caller’s buddies went to Customer’s bank and presented a large cheque, apparently issued by Customer, for payment. The bank, careful to verify such payments, called Customer’s mobile phone and found it was off. They then called Customer’s office and got through to Caller’s buddies. One of Caller’s buddies answered and said he was Customer and approved the payment. Around this time Customer’s girlfriend also tried to reach Customer and after not being able to reach him on his mobile phone, called his office and got through to Caller’s buddies. She quickly realised there was something untoward going on and managed to get in contact with Customer who alerted Telkom, his bank, the police and the mobile network. Caller and his buddies were fortunately prevented from getting away with any money.

Stories like this make me very wary of cheques and anything run by the Post Office. I have pretty much stopped using cheques (there are so many stories now about cheques being washed and reused) and I send invoices electronically. It is also a very good idea to double check any calls that appear to be legit before you give away personal information like ID numbers and others as well as make any payments. What will be really scary is if fraudsters manage to get the personal information you use to verify your identity to banks and then start masquerading as you so be really careful about who you give details like your ID number to.


Technorati Tags:
, , , , ,

Paul
Enthusiast, marketing strategist, writer, and photographer. Passionate about my wife, Gina and #proudDad. Allergic to stupid

  1. A South African company hopes to create a new market for itself by integrating biometrics into the everyday shopping experience.

    1 Finger is a new incentive being launched in May 2009 by 247 Technologies. It is a solution designed to eradicate identity theft in South Africa.

    Many people have had the problem of being left with debt because someone stole their identity and opened accounts on their names. When this happens, it becomes the victim’s problem to clear their name on credit bureau systems and, in many cases, the victim is even forced to settle the debt created by the criminal. In some cases the victim cannot prove he or she did not create the debt.

    The 1 Finger system using a person’s identity number and/or passport number, as well as 10 fingerprints, will keep a record of all transactions where 1 Finger was used to verify the identity of the user. Not only would criminals not be able to open accounts using a stolen identity, in the unlikely event that they do, 247 Technologies will be able to prove from the vendor’s historical records that it was not the victim.

    Vendor security

    Sellers can also stop people fraudulently opening accounts in their businesses, paying with stolen credit cards and other activities that cost billions of rands annually. Fraud related to identity theft cost South African businesses R276-million in the first three months of 2008, according to Alexander Forbes Insurance, as reported in the Mail & Guardian on 22 April 2008.

    If this is not enough of an incentive to insist on all clients using the 1 Finger system when dealing with a company, businesses can also integrate the system directly into their systems through the free software development kit for system integrators. The kit will be available in June 2009.

    Wherever 1 Finger is used, a client would be able to verify the authenticity of their personal information provided by reading his/her fingerprint on a biometric reader. This will also create an audit trail of their business dealings. For a fee, users will receive an SMS each time the system is used.

    Fingerprint identification is not only used by the police to solve criminal cases. It is also used by government to make pension pay outs, pay grants and by over 400 of 247 Technologies clients to control access to their business and pay salaries against time and attendance data collected via fingerprints.

    For more information contact Peter Krauspe, 247 Technologies, 0861 101 738, http://www.247technologies.co.za

    Contact me for more info….

What do you think?

%d bloggers like this: