SABRIC, the South African Banking Risk Information Centre, on behalf of the banking industry has published its annual crime stats for 2020, showing that Covid-19, in conjunction with the implementation of regulations of the Disaster Management Act had a notable influence on financial crime trends last year.
It triggered changes in human behaviour, human movement, and policing, creating new opportunities for criminals which significantly impacted the number of crime incidents.
While some crime types decreased, others increased as criminals exploited Covid-19 for their own gain. Overall, SABRIC has seen an increase in banking crime incidents.
As customers turned to online shopping and settling payments on apps, criminals enhanced their efforts to phish customers to steal their personal data to defraud them on digital and online platforms.
Online banking and mobile banking
Fraud on the online channel makes up the smallest portion of incidents of Digital Banking Crime, accounting for 11.1% of reported incidents, however, it accounts for the highest portion (45.1%) of gross losses, SABRIC noted.
Phishing makes use of emails to trick the victim into entering their login credentials by directing them to a “spoofed” website that is designed to look legitimate. Vishing, which has been reported to have significantly increased during 2020, involves criminals making telephone calls to potential victims, purporting to be from the bank and convincing them to compromise their details.
In some cases, vishing is used once the criminals have access to the victim’s account as an additional step to deceive the victim into providing them with the verification token (OTP or RVN) required to complete a transaction, said SABRIC.
Mobile Banking fraud accounted for 59.7% of Digital Banking Crime incidents reported to SABRIC in 2020, however, only 14.8% of the gross losses. Fraud on the Mobile Banking channel is characterised by a high volume of lower value transactions.
SIM swaps were reported in 92.7% (19,537) of Mobile Banking fraud incidents reported in 2020 and are the most commonly used modus operandi for committing a crime on this channel, said SABRIC. The increased ability of criminals to carry out SIM swaps may account for the significant increase in incidents (67.6%) and gross losses (62.1%).
Known-party or “friendly” fraud was also a commonly reported MO on the Mobile Banking channel during 2020. In this type of fraud, an individual known to the victim (such as family member or colleague) and who is in close proximity to the victim and/or their device, is able to access the device and conducts transactions without the victim’s knowledge on the Mobile Banking platform.
The cash-out method of this MO usually consists of purchasing airtime or electricity and instant cash sending facilities.
Digital banking fraud increased by 33%. Social engineering (phishing, vishing and SMishing) continues to be the primary method employed by criminals when targeting victims across digital channels.
Despite the overall decrease in reported incidents on the channel, during 2020 a significant increase in Bank App fraud as a result of cell phone snatching was recorded. “It is important to note that there have been no reports where the banking app software was compromised to commit the fraud, said SABRIC.
Although there are various methods and techniques used in the cell phone snatching modus operandi, the correct credentials are used to access the app.
“These credentials may have been previously compromised through social engineering methods, such as shoulder surfing or phishing, however, in many cases, the credentials were compromised through vulnerabilities in the management of such information.”
For example, the credentials were saved elsewhere on the device or the same username and password were used across multiple apps. An increase in the number of incidents involving SIM swaps was reported in 2020 with 26.11% (2,684) as compared to 8% (855) in 2019.
Debit card fraud rose by 22%, while on a positive note, credit card fraud decreased by 7%.
Contact crime was impacted by the restriction of movement and visible policing resulting in a decrease in incidents. Associated robberies saw a decrease of 24% in 2020 when compared to 2019 with decreases evident in the Free State, the Eastern Cape and Mpumalanga.
While ATM attacks decreased by 9% overall, ATM explosive incidents increased by 20%. A significant shift that occurred during the year was an increase in the success rate of incidents. More than half (54%) of incidents in 2020 were successful while only 40% of incidents in 2019 were successful. Through analysis, it was determined that suspects made use of more explosives or multiple explosions to breach safes.
Grinder incidents decreased by 44%. This can be attributed to the effective monitoring of ATMs for signs of grinding in progress, for example, a loss of signal along with prompt responses from reaction teams. The related cash losses decreased by 50% although the cash losses represented 27% of the overall losses, SABRIC said.
During 2020, ATM attack–cutting torch incidents decreased by 19% where losses increased by 59%.
Cash-in-transit (CIT) robberies decreased significantly due to the Level 5 lockdown in April and May of 2020, but once restrictions were lifted, these increased again by 22% as criminals were able to move with fewer restrictions and fear of roadblocks and searches, SABRIC said.
Robberies and burglaries also increased by 42% and 12% respectively.
SABRIC CEO Nischal Mewalall stated: “Your personal data, when combined with technology has become the new key to the safe that holds your money in a bank, so you must safeguard your data to prevent criminals getting access to your safe.”
Mewalall further warned that looking ahead, cybercrime and data breaches will represent a significant threat to customers and banks, because even the best security and technology can be compromised when criminals source and use legitimate data illegally, to carry out a crime.
Mewalall also warns bank customers to never click on links in unsolicited emails as these links are used in phishing emails to drive people to “spoofed” websites which look like legitimate online retailers, complete with enticing images and convincing taglines.
“Criminals use these bogus websites to harvest bank card details to make online purchases using your account. We are still seeing lots of scam’s advertising seemingly incredible deals for personal protective equipment, sanitiser and fake vaccines that exploit people’s concern for their health and safety.” said Mewalall.