Many mobile subscribers have discovered a number has been added to their profile without their permission, and thousands in airtime and data transferred to this number.
To steal as much money as possible, the criminals take control of subscribers’ accounts and bypass bill limits.
In one case reported to MyBroadband, fraudsters stole R8,453.44 from an MTN subscriber in a Me2U Money scam.
Other MTN subscribers have also complained about fraudulent Me2U Money transactions occurring on their accounts.
One victim told MyBroadband he received a “Usage Details” document with his MTN invoice in May which contained Me2u Money transfers of R200 (R173.91 + VAT) per day. These were all fraudulent transactions.
“A number was clearly added to my account without my knowledge or approval,” he said.
Although he had a bill limit of R500 on the account, and MTN limiting Me2U transfers to R1,000 per month, far more than this was stolen in one month.
The screenshots below show the fraudulent Me2U Money transfers on his account for two weeks in April.
A recent Carte Blanche episode revealed that many MTN subscribers who were fraud victims struggled to get support from the company.
In one case, the victim tried to alert MTN about the fraud by calling their fraud helpline, but she was informed they could not assist. MTN asked her to open a case via email.
She emailed MTN as requested, but to her surprise, she received an “out of office” reply. Even visiting MTN in person did not resolve the problem.
What followed was months of stress, damage to her credit record, and even being blamed for the fraud, which was not her fault.
Many other victims spoke to Carte Blanche with similar stories of increased spending limits and thousands being stolen from their accounts.
In all these cases, the victims were unable to resolve the problems using MTN’s support channels.
“When customers go to an MTN store to try to get help, the staff tells them there is nothing they can do. They are told to call the 135 fraud line. When they call that number, they get no answer,” Carte Blanche said.
MTN admitted that their service was deplorable and apologised to their customers for the poor response.
MTN SA’s executive for corporate affairs, Jacqui O’Sullivan, told MyBroadband an internal forensic investigation had revealed a criminal syndicate working to defraud MTN and its customers.
They believe criminals gained illegal access to accounts using compromised credentials, including usernames and passwords, of MTN employees and MTN partners.
The investigation currently points to a failure to protect user credentials and potential insider involvement.
The fraudsters used ID numbers in their possession to conduct searches within MTN systems to look for matches to facilitate illegal SIM swaps.
Once a SIM swap was undertaken, one-time passwords (OTP) would be sent to the “new owner” of that number to facilitate fraud.
MTN has proactively contacted customers whose accounts have been compromised by the crime syndicate. A dedicated team is also rectifying unauthorised transactions on their accounts.
Vodacom and Telkom also fell victim to the activities of the crime syndicates.
Telkom spokesperson Noma Faku confirmed that their customers were targeted in this scam.
“The suspects who attempted to scam Telkom customers were identified and have been arrested,” Faku said.
Vodacom spokesperson Byron Kennedy said they had seen an increase in targeted activity by an organised cyber-crime syndicate.
“We continue to work closely with law enforcement units so that criminals are caught, and justice is served,” he said.
“Vodacom’s investigation is ongoing, and all evidence gathered will be provided to relevant authorities for further investigation.”
Kennedy said if customers suspect that they have been targeted, they should report the matter by contacting the call centre on 082 135 or visit a Vodacom store.
Cell C said it had not been affected by this specific scam. “However, it remains important to note that identity theft remains one of the major fraud risks faced by consumers,” it said.
“Our systems, policies and processes are reviewed and updated regularly to cater for these risks.”