How an Absa customer had R3.1 million stolen from his bank account. Ferucci stated in the report that he did not authorise the SIM-swap, and it was only after he asked his daughter to contact Vodacom that he learnt the swap was conducted. Curiously, his Vodacom SIM started working again – three weeks after the swap took place. Unfortunately for Ferucci, three weeks was more than enough time for the criminals to use his cellphone number to access his bank account. Even before his return to South Africa, it was discovered that 10 large transactions were conducted on his Absa business account which saw millions transferred to unknown recipients.
It was recently reported by IOL that a businessman from Cape Town had R3.1 million stolen from his bank account while he was away in Miami. The businessman, Feruccio Ferucci, is an Absa customer and had travelled to Miami for two months. It was during this time that a fraudulent SIM-swap was conducted on his Vodacom number, which was used alongside a compromise of his banking credentials to extract the millions from his account.
The transactions were valued at around R300 000,00 each, and it was following this discovery that Ferucci contacted his attorney to resolve the matter. He also wrote a letter to Absa protesting the transactions, and he threatened to close his account with the bank. This saw Ferucci’s funds returned, while Absa and Vodacom stated they are investigating the matter. How the money was cleaned out While Ferucci’s story had a happy ending, this is not the case for many SIM-swap victims in South Africa – many of whom have to fight tooth and nail to get their money back from banks.
Even more concerning is that once the money is taken out of a customer’s bank account and they successfully appeal the transaction, they often do not receive full compensation for their losses. Cape Town attorney Johan Victor, who specialises in SIM-swap fraud cases and has led multiple successful claims by consumers against banks and mobile networks, told MyBroadband that in many SIM-swap cases bank accounts are cleaned out using “account mules” – and stopping these mules is crucial to protecting potential victims. “
At present, the crooks use mules to open bank accounts who declare to the bank, when opening the accounts, that they cannot comply fully with FICA requirements because they have no fixed address and/or do not hold permanent employment,” said Victor. “The mules, on opening the account, declare they will not receive more than R25,000 per annum in their account or receive or pay out more than R25,000 in one single transfer.” These accounts are opened with less stringent FICA verification requirements in order to assist the previously un-bankable portion of the population, such as the unemployed and homeless, in terms of exemptions to the FIC Act.
Once the account is opened by a mule – a person who is either paid to open an account, or does so without knowing it will be used by a criminal – it is used as a channel to get money out of targeted bank accounts, such as Ferucci’s. The mule’s bank account has millions of rand transferred to it within days or weeks after it is opened, and within seconds it is cleared out – with the money disappearing for good, said Victor. Victor said that he believes the banks can do more to stop these types of transactions and are obligated by FICA to have oversight of all transactions in their accounts.
He added that it is possible bank insiders may be assisting criminals to move the money as quick as it lands in the mule’s account, because the transfers often happens in a matter of seconds. Complicating matters from an investigation perspective is that banks are not prepared to provide information on the recipient accounts without court orders or subpoenas, which provides ample time for the criminals to hide their tracks. Victor added that a hold could be placed on these low-value bank accounts – especially for any amounts exceeding R25,000 or deposits made into these accounts – for at least the first 24 months of the accounts being in existence.
Should the account be dormant for more than a few months, a hold should be placed on any deposits and/or transfers exceeding the minimum limit in terms of FICA, he added. Such steps would only require a few lines of code in the bank’s IT systems to implement. Money mules a growing problem Victor’s sentiments are echoed by the anti-fraud body the SAFPS, which recently stated that money mules are a growing problem in South Africa and were a contributing factor to fraudulent banking transactions taking place.
SAFPS operations manager Roy Retief told MyBroadband in December that South Africa is experiencing an increase in money mule activity, similar to international trends. “We saw an increase of 58% in the abuse of bank account subcategory listings, as reported by members during 2017,” Retief said. “This is supported by conversations with member organisations where they are seeing increased incidents of money muling, and are now reporting muling to us – which they may not have done in the past,” Retief said.