WENDY KNOWLER | Vish granny will be next? Scammers are now going the extra mile

Until last week, I’d never heard of fraudsters going as far as posing as bank officials and visiting elderly folk at home

28 November 2021 - 18:56 By Reuters
With bank security having improved so dramatically over the years, the fraudsters have had to resort to other means such as vishing.
With bank security having improved so dramatically over the years, the fraudsters have had to resort to other means such as vishing.
Image: 123RF/SCAN RAIL

One of the most heartbreaking aspects of my job is being inundated with emails from elderly folk who have fallen victim to bank fraud, most of it vishing.

That’s when fraudsters call their intended victims, pretending to be employed by a bank’s fraud department, claiming they have picked up suspected fraudulent transactions on their account and asking for their help and cooperation in stopping them.

That’s how they trick them into divulging their banking details, including the one-time passwords (OTPs), which the bank sends to their phones via SMS to enable a purchase.

In most cases there is little I can do to help, because they clearly handed over the so-called “keys to the safe” to the fraudster, despite repeated warnings to never EVER do that. And that gives the bank a reason to deny responsibility or liability.

Genuine bank staffers do not call up their clients and ask them for personal bank details, passwords and OTPs. If that happens it’s always attempted fraud.

With bank security having improved so dramatically over the years, the fraudsters have had to resort to direct means of getting people’s banking details, such as vishing.

But until last week, I’d never heard of fraudsters going as far as posing as bank officials and visiting elderly folk in their homes, pretending to want to help them in some way.

A few months ago, Mr and Mrs R, aged 92 and 88 respectively, received an unannounced visit from a “bank official” called Candice at their Durban home, with her young colleague in tow.

She claimed to be helping Nedbank’s elderly clients switch to digital banking, to spare them having to travel to a bank branch and stand in long queues to do their banking.

Both were wearing Nedbank uniform.

They knew their victims’ names, their address and the fact that one of their credit cards had expired.

In all, they visited the couple three times.

Between them, Mr and Mrs R lost about R250,000 to the fraudsters. Here’s how.

According to their niece, who alerted me to this story, Mr R noticed after that first encounter with Candice — the real name of that 40-something fake Nedbank employee — his cellphone said “SIM missing”.

According to the niece, Nedbank failed to pick up highly unusual activity on the two accounts and treated the couple with a lack of empathy when the fraud came to light.

So that’s how Candice got his OTPs and was able to empty his account of almost R194,000 — she popped Mr R’s SIM into her phone.

Candice apparently told Mrs R that her new credit card was ready, and offered to accompany her to Nedbank’s Overport branch, because their usual branch, Musgrave, was offline, she claimed.

Clearly she avoided that branch because the couple was well-known by the staff there.

Candice also “kindly” offered to draw money from the ATM for Mrs R, as she was battling to walk, and that’s how Mrs R surrendered her PIN to her.

Her account was emptied of R60,000 during the course of the next few weeks.

According to the niece, Nedbank failed to pick up highly unusual activity on the two accounts and treated the couple with a lack of empathy when the fraud came to light.

Also, she said, the fraudsters had to be working in collusion with genuine bank staffers, given all the personal information they had.

On that last point, that’s not necessarily the case, according to the banking ombudsman Reana Steyn.

“Any store with which you’ve ever had an account, every medical practice et cetera, will have a record of your bank account details, your ID number, and hence your age, and if they’ve seen your credit card, the expiry date.”

On the plus side, Candice has since been arrested; Mr R immediately identified her in a line-up, and she appeared in a Durban regional court on fraud charges on November 19.

“Her bail has been denied, and she is still in custody,” a Nedbank spokesperson told me. “As far as we know, there are still other cases [against her] in other police dockets, which the prosecuting authority may want to consider adding to the present charge sheet.”

The spokesperson wasn’t able to say how many cases there were.

“We have been working closely with the SAPS to ensure that the perpetrators are brought to book,” the spokesperson said.

“Our investigations failed to establish any indication of staff collusion.

“According to the information at our disposal, the suspects would not arrive at the victim’s residence with any branded clothing, but often stated that they represented all the banks and only after obtaining information from the victims regarding where they did their banking, did the suspects then put on an item of clothing such as a jersey, scarf or jacket, of a colour associated with that particular bank.”

So it appears that it’s not just one bank’s elderly clients who are targets of these slick, heartless fraudsters.

I totally empathise with Mr and Mrs R: as customers of Nedbank — and formerly SA Perm — for more than five decades, they would well remember a time when people had more personal relationships with bank staff members.

In that bygone era, there was a lot of face-to-face interaction with bank staffers and branch managers, so to the Rs, that visit wouldn’t have seemed very suspicious, especially as the couple appeared to be in bank uniform and Candice made a good show of having accessed their accounts on her laptop.

They trusted that they were in good, safe hands, and that was fully exploited by the fraudsters.

So please, talk to your elderly relatives and friends about this scam and about the vishing calls.

Never let in any “bank official” that arrives unannounced at your home and never divulge any banking details or OTPs to someone who phones you claiming to be from your bank’s fraud division.

If you are worried, end the call and phone your bank’s fraud department — ideally have the number pre-saved in your cellphone’s contacts list — to check if there was really a fraud alert on their account.

Spread the word!

subscribe

Would you like to comment on this article or view other readers' comments? Register (it’s quick and free) or sign in now.

Speech Bubbles

Please read our Comment Policy before commenting.