A few years back, the tranquillity of a Sunday afternoon was taken away when this writer received an unexpected phone call.
“Your mobile-money account was blocked”, said the caller on the other side.
But how? In all my running’s’ with my telco operator, never had an issue of this nature occurred.
The caller on the other end identifying themselves as the network’s customer care service agent was now enquiring about my mobile-money account credentials to correct the anomalies leading to the blockade, or so it seemed.
My gut feeling would however call this a bluff, and after leading a back and forth interrogation of the matter at hand, the caller would hang-up unexpectedly.
A combination of intuition and trust issues had left my account credentials out of the conversation.
But many Kenyans who fall for this trick come to the realization that they have been defrauded hours and sometimes days later.
In spite of astronomical breakthroughs in the advancement of technology in recent years, social engineering remains the easiest methods that con artists rely on to defraud unsuspecting clients/customers.
The procedure is pretty straight forward- Call up your target, get them to trust you and boom! The con job is executed as fast as it was prepped.
Subscribers of telco giant Safaricom have been the most targeted individuals by the scammers posing as customer care reprentatives to fraudulently obtain customers’’ sensitive information that can then be used to initiate the hack.
However, Safaricom wasn’t to bring this issue to halt and moved to implement measures to safeguard its customers from this crooks.
The push back begins online with ‘Direct Messaging’ popularly known as the DM, where customers have over the years taken their grievances about network experiences and to raise queries.
While social media feeds provided an avenue to understand overarching customer issues at one go, the model provided hunting grounds for fraudsters to pick up key contact details and other supportive information to perpetrate crimes.
The operator is now encouraging consumers to desists from the public shares of queries and instead leverage direct messages which offers more privacy.
With social media platforms establishing end to end encryptions to conversation, fraudsters can no longer have the walk in the park experienced previously.
Moreover, phone calls too no longer lay the bait with the operator establishing a universal contact (0722 000 000) for all its external communication to customers.
The operator has also establishment of a portal to enable customers to reports suspicious mobile numbers from suspected fraudsters and imposters.
Other companies have also followed the suite to publicize their official communication channel.
The government through entities such as the Energy and Petroleum Regulatory Authority (EPRA) has also been publishing and publicizing its official communication channels to deter crooks posing as agents of the petroleum regulator.
Socially-engineered fraud remains the epitome of most fraudulent schemes, but the continued investments in counter-intuitive responses and continued client engagement are quite encouraging.