Man Loses Sh2.6 Million to SIM-Swap Fraudsters While on a South Africa Trip

A 58-year-old man has narrated his ordeal after losing Sh2.6 million to Sim-swap fraudsters while on a trip to Johannesburg, South Africa in February this year.

Farah Bashir, a medical laboratory scientist, told Nation that he arrived in South Africa on February 5th and started receiving calls from family members who sought to know his whereabouts. He claims that hackers gained access to his contacts and began calling and texting close family members.

At 5:43 pm on February 7th, Bashir received a notification from Safaricom informing him that they had received a Sim Card swap request and urged him to ignore it if he was not the one who initiated it.

Later, Bashir tried to purchase airtime from MPesa to call home but he could not access the mobile money platform, prompting him to contact Safaricom Customer Care on Twitter, where his information and ID number were taken, but the assistance was insufficient.

He then decided to check his bank balance but his fingerprint lock was rejected while attempting to access the Absa Bank app and attempts to log in using his laptop were also unsuccessful.

Bashir says a withdrawal of Sh300,000 had already been made from his Kenyan currency account in two transactions and only Sh35,000 was left in the account.

He reached out to Absa Bank raising the matter and he was able to change his password but this did not held as the remaining amount was withdrawn shortly after.

This was followed by a withdrawal of $17,451 (Sh2 million) from his dollar account in 10 quotas, then his Sterling pound account, which had Sh231,000 in it. 

Bashir claims he survived on yoghurt and snacks from the hotel's breakfast until his family was able to send him some money after his accounts were wiped out.

He wrote to Absa Bank demanding an explanation as to how the fraudsters managed to gain access to his account despite changing his password.

"I would like to know how the fraud was conducted, what internal systems the bank has to detect illegal withdrawal of funds from my accounts and why did the fraudsters access my account on February 8 at 11pm SA time after I had changed my password," part of his letter to the bank reads.

Absa wrote back to him saying that the funds were transferred to two other banks and an MPesa money wallet via mobile banking. His Sim Card had was swapped.

"We managed to secure only Sh500,000 and credited the amount to your account on March 7. The rest of the funds unfortunately were already utilized…From the above sequence of events, we have established that security/password integrity in your account on the part of the bank. Kindly note the credentials are only known to the customer.”

“In addition, where a password is compromised, you are under a duty to inform us immediately so that we may take appropriate action to secure your account. Based on this, the bank is not liable for the net loss of Sh1,515,715 from your account," Absa said.

The bank further said that it has forwarded the matter to the Banking Fraud Investigations Department for further investigations.