BY SILAS NKALA / DARLINGTON MWASHITA / FREEMAN MAKOPA
A MAKOKOBA resident was on Monday defrauded of $26 612,97 by suspected cyber criminals after they allegedly hacked his bank account by sending text messages instructing him to punch a code which gave them access to his account.
Mzilikazi police received a report from Reuben Mpofu (54) of Makokoba, who said his CABS bank account had been hacked and cleaned of all the money, leaving only $3,30.
“Circumstances are that on October 2, the complainant’s CABS bank account was credited with a sum of $26 612,97 as his pension lump sum,” a police source said.
“On October 5 at around 12:16pm, the complainant received a short message service (SMS) on his Econet line purportedly to be from the Central Africa Building Society (CABS) Bank … The complainant had earlier ignored the first same message, which was sent at 12:13pm on the same day.”
The police source stated that soon after receiving the second message at 12:16pm, at exactly 12:17pm, Mpofu received an anonymous call asking him to respond to the short message service.
Mpofu then supplied the suspect with the code, 631220, which had been sent through SMS. The victim was thinking it was genuinely from CABS.
“At exactly 12:23pm, the complainant received a notification that a sum of $10 000 had been debited from his account. He then phoned the suspect’s phone number and he stated that he was fixing the account and promised that the money was to be credited back into complainant’s account,” the source said.
“At around 12:24pm, another $5 000 was debited from the complainant’s account. The complainant then phoned the suspect, who said they were about to finish fixing his account. The complainant then decided to wait for the bank to fix his account and never suspected any foul play since he had been banking with CABS for a long time.”
The police source said at 12:29pm on the same day, $750 was debited from Mpofu’s bank account and a series of deductions went on until the balance on the complainant’s bank balance was $3,20.
“Mpofu then decided to physically visit the bank to confirm the transactions and the same suspect phoned him while he was in the queue at the bank and promised that he was still fixing his bank account. He also identified himself as Tapera from CABS bank.
“The complainant then waited patiently for about 20 minutes, but nothing materialised. The complainant then proceeded to the banking hall and the branch manager at CABS Bulawayo Jason Moyo Branch advised him that his money has been stolen and urged him to report the matter to the police. The total value stolen is $26 612,97,” the police source said.
“The complainant then proceeded to Mzilikazi Police Station to file a report and investigations are underway.”
The alleged fraud was confirmed by the Bulawayo police spokesperson Inspector Abednico Ncube, who yesterday issued a warning to citizens to avoid responding to text messages concerning their bank accounts following the fraud which befell Mpofu.
“We have discovered a new crime where people have lost substantial amounts of money to thugs. Though we have only received cases from CABS bank, however, those who use other financial institutions should take caution,” he said.
“What they do is, you receive a text message purporting to be from your bank. Then they will tell you to enter a code in your phone as acknowledgement. Believing that it will be genuine, you will respond, and in a few minutes to follow, all your account will be cleared of the money that you have.”
He added that citizens must ignore such messages or report to the police if they suspect they are about to be defrauded.
CABS managing director Simon Hammond said they were concerned about cases of fraud and would continue to warn CABS account holders of the risk of responding to messages requesting them to reveal their identities or PIN numbers over the phone or through SMSes.
“CABS will never ask you to confirm any personal banking information PIN, OTP (one-time passwords) over the phone. Do not honour such requests. Call CABS immediately on 0242-883822,” he said.
“In addition, OTPs (one-time passwords) sent to customers contain a similar warning. As we develop our services, systems and apps, we will embed further measures to combat fraudsters.
“We will look at the merits of this individual case (customers of all banks are at risk) and refund if appropriate, as we do for other cases of fraud.”