In recent years I’ve come across a multitude of people who have been scammed while trying to do their payments via EFT. The pattern is always the same. An invoice is sent to an individual by a supplier. The invoice gets abducted by some hacker who leaves everything as per supplier name and bank detail except the account number. The individual then does EFT to the supplier name but with different account number. With that the individuals money disappears. The supplier is not taking responsibility because his original invoice had the correct acc. number. The bank pretends to do an investigation and comes back saying that the money in that account number is gone. When you challenge the bank how they can allow an EFT if the name and acc. no. do not tie up, their answer is simply that they only look at account numbers. In my mind this raises a lot of questions: Firstly, how could the fraudster open an account with the suppliers name but a different acc. no.? Secondly why are the banks so incredibly pedantic when it comes to FICA requirements and yet they don’t care about acc. no. not tying up with a name. When challenging the banks about details regarding the fraud they are hiding behind confidentiality requirements and thus there is no transparency. I’m starting to suspect that most of this type of Fraud is committed from within the banks. I just read that in Germany they are introducing a law that banks must ensure acc.no. tie up with the name and take responsibility if they don’t. Isn’t it time we do the same where fraud is even more rife? I wonder if there isn’t more detail behind the scenes deservedly of a story?
Having been on the wrong side of this myself it amazes me how powerless banks are in these cases. What is all that FICA-ing for?
This sounds like a job for Dr Leon Schreiber 
Some banks are starting to get creative 
. I recently read that in Australia, the Commonwealth Bank has teamed up with Apate.ai to fight scammers using AI-powered ‘honeypot’ bots. These bots pretend to be real people and sound like real people. The aim? Waste scammers time and gather intelligence on scam tactics in real time, to then feed that data back into the bank’s fraud detection systems. This approach disrupts scammer economics and is aimed at preventing fraud before it hits customers. It’s a smart, proactive approach compared to the usual ‘too late, money’s gone’ response.
It’s not only the banks, the telcos are just as bad. All those RICA documents required to get a sim card? The telcos (or at least Vodacom) don’t even record the information, they just forward it on.
I am on pre-paid with Vodacom and earlier this year someone initiated a sim swap on my number. To do this, they simply contacted the Vodacom call centre, requested the swap and it was initiated. No information outside of the number they wanted to swap was required, despite Vodacom having at one point collected copies of my ID document and proof of address.
The result? Now in control of my number, the fraudsters were able to access the Vodacom app and transfer all my airtime to a different account. When I went to Vodacom to report the issue they said they are very aware of the security gap in the system, it happens all the time, they simply don’t care to rectify it.