There are indications that bank customers are on the verge of losing confidence in electronic banking as frauds associated with the system threatens their life savings through a Subscriber Identity Module (SIM) card cloning.

SIM cloning is the process in which a legitimate SIM card is duplicated by a fraudster and used in a different phone to make transactions while having all calls and associated charges attributed to the original SIM card.

Vanguard MoneyDigest investigations revealed that most bank customers have been receiving series of calls asking them to resend a code sent to their phones mistakenly. While some called their banks’ customer care number others ignored them citing warning messages they received from their banks.

Advertisements

Dr. Lucas Mary said: “I received a message, with a code from unknown number and then a call from someone claiming to be from my bank, to resend the code back. I called the customer care service to verify the authenticity of the information. I was told to ignore the caller and don’t attempt to resend the code which was four digits.”

Mrs Adeniyi Dorcas said: “I gave the man time to finish his story, he said l should dictate the figures sent to my number. So l cut off the line.”

On her part, Juliana Ayogu ignored the caller and the message saying, “Yes, I have received a call from an unknown caller to resend digits mistakenly sent to my phone.

“He claimed he was registering something online and the digits were meant to be sent to his phone but was sent to mine.

Advertisements

“Being computer literate, I knew then that the computer cannot generate my number when I am not the one registering online. I had to end the call before things got out of hand.”

A customer service manager in a tier one bank, who spoke on anonymity said that he has never gotten a report on such fraud from customers.

He said: “The type of scam that is rampant is that which fraudsters call bank customers indicating that they are from the bank and requesting customers to forward their Automated Teller Machine (ATM) card and bank account details.”

He added: “The code sent by the fraudster is used to clone your SIM card. Once it gets to your phone and it is sent back, automatically they have your SIM card cloned. If your SIM is cloned they can have access to your account especially if it is the phone number you registered to receive SMS alert from your bank.

HAVE YOU READ?:  Nigeria needs industrial revolution, says AfDB president Adesina

“The only advice I will give to a bank customer is that once you receive a call or message from a phone number do not stay long on the phone with the caller or delete such a message from your phone.

Advertisements

“Staying long on the phone might result in them accessing vital information they can use to defraud you.”

How the fraud is processed – Expert A software expert, Johnson Olukayode explained, “Every SIM card has secret codes that enable communication with the mobile phone and the transmitting tower. Mobile phone operators identify clients’ numbers and do billing procedures using these codes.

“A fraudster can have your number by stealing a SIM card or carrying out a SIM swap for cloning. Most of the currently used SIM cards belong to the COMP128v1 type of algorithm used in making SIM cards. They are very easy to clone.

“The fraudsters will use a blank SIM card with no programming on it, SIM firmware device that can read or write the information on blank SIM cards and a card cracker and USB SIM CardReader software as tools for cloning.

“In the case where the SIM card is swapped, the fraudster places a call to the mobile operator and ask them to unlock the SIM card for any possible reason.

‘‘If the operators send the code to the phone number it is received by the bank customer. Then the fraudster calls the customer giving flimsy excuses for the sent code and begs the customer to resend.

‘‘If the customer resends the security code, he writes the SIM in about 10 minutes and enters the security code. He now has every detail of the customer. If the phone number is linked with a bank account, he can access the bank account with ease.”

VANGUARD