Internet fraud has SA top banks sued
By Thandisizwe Mgudlwa
CAPE TOWN – In a disturbing turn of events, it has been established that a number of South African banks are facing legal action for the way they handle Internet fraud.
This comes as banking clients complaints against the banking ombudsman and the bank’s illegal conduct by some clients, are gaining momentum.
A least, 20 Absa and Standard Bank clients, who have each lost between R1 million to R2 million to Internet banking or SIM swap fraud, demand the banks to be held accountable for fraudulent action.
The ombudsman meanwhile will not open a case of fraud against a bank unless clients can prove that the bank’s acted negligently. If no negligence can be proven, it unfortunately means that the complainant was negligent.
In 2016, only 22% of cases of Internet fraud in South Africa ware ruled in favour of the customer. While the remaining 940 cases of Internet banking-related complaints went in favour of the banks.
According to a report by Rapport, the banks and the ombudsman argue that where a PIN or a password is fraudulently obtained. The client must be responsible as they are the only persons privy to that information.
However, this has not been accepted by the 20 clients, who claim they have not acted negligently nor did they give out personal information that could have compromised their accounts.
The 20 clients further argued, they have no way of proving a breach took place through the banks or via a cellular provider meaning it was next to impossible to prove who was at fault.
The report also said, they pointed to a recent case in which one of the 20 customers instituting the action had to take both Absa and Vodacom to court in order to determine who authorised a SIM swap on her cell number. And therefore had access to her Absa bank account.
It was only after the court ruled in her favour and ordered that the client be given access to the records, was she able to build a case that she was not liable for the fraud, added the report.
Meanwhile, in 2013 Reuters reported that the Payments Association of South Africa (PASA) had revealed that South African banks had been swindled out of millions of dollars that year by an international fraud syndicate that stole card details from restaurant chains.
The Reuters report also mentioned that card fraud has been on the rise in South Africa in the last two years despite efforts to replace magnetic stripe cards with the more secure chip variation, PASA said.
The latest scheme was devised through a variant of a software virus known as Dexter, most likely originated from Europe.
“It was certainly cleverly written. It took a while to detect,” said Walter Volker, chief executive at PASA about the Dexter software virus, adding that all South African banks, including industry leader Standard Bank and smaller rivals FirstRand, Barclays Africa Group and Nedbank, had been affected.
The syndicate targeted computers at restaurant chains with a virus that sents back details of customer cards.
The information was used to clone cards or sold on to other criminals, PASA said.
According to the South African Banking Risk Information Centre (SABRIC) “South Africans lose in excess of R2,2 billion to internet fraud and phishing attacks annually.”