Thief transfers R630k from woman's bank accounts after phone snatch

In this weekly segment of bite-sized chunks of useful information, consumer journalist Wendy Knowler summarises news you can use:

Who are you going to call when your cellphone is snatched?

If your answer was your cellphone service provider and you have a banking app on that phone, you’d be at high risk of having your bank accounts cleaned out if a thief made off it.

It’s been a while since I warned about this particularly nasty form of bank fraud, and I’m doing so today because I’m investigating the case of a woman who had more than R630,000 transferred out of her accounts earlier this month shortly after her phone was grabbed out of her hand while she was using it.

Within minutes she had used her laptop to block her phone, but she was then offline for the next two days.

When her new SIM activated, she found messages from her bank warning her about suspected fraudulent activity on her account. It hadn’t occurred to her to de-link the banking app on her phone, something she could have done on that laptop, too.

WHAT TO DO: If you have a banking app on your phone, find out how you can de-link it via another device so you’re prepared should a thief make off with it.

You should also make sure you have your bank’s fraud department’s number saved. It’s a good idea to make that call, too.

Be aware that using your phone in public places such as outdoor restaurants or hailing an Uber makes you a target. How criminals obtain the passwords needed to access those banking apps, is a longer story for another day.

Why it’s a good idea to check the amount on a point-of-sale machine before confirming payment

Two weeks ago, Kim bought goods for R621.91 from an international brand’s boutique in Johannesburg. She paid by debit card, punching her PIN into the point-of-sale (POS) device but neglecting to check the amount on the screen.

“The cashier had accidentally added a zero so R6,291.00 went off my account, which I only noticed when I got back home,” she told me.

“I immediately returned to the store, where the assistant apologised and offered to refund me in full, including the cost of my purchase. I was told it would take seven to 10 working days.

“Being so close to month-end and such a large amount, I don't think this is OK,” Kim said.

Few would argue with that. Here’s the problem: according to the Payments Association of SA (Pasa), refunds to single-message transaction debit cards — the Electron and Maestro debit cards — are technically not possible in many cases.

They are possible on “dual message” cards such as MasterCard Debit, and therefore allowed by Pasa’s clearing rules. But Pasa warns that “from a risk mitigation point of view, there may be instances where the acquiring bank doesn’t allow merchants to process refunds”.

So if you paid by debit card and you’re due a refund, it’s best to accept cash.

The good news is that Kim got her money back 10 days later.

About that POS human error: such mistakes can easily happen when the shop assistant is required to manually input the amount. With so-called “integrated” POS that risk is removed because the register and the POS device communicate with each other — there’s no need to input the amount. But it is clearly a good idea to get into the habit of checking the amount before entering your PIN.

A PSO about posting letters and statements online

To those who tag companies on Twitter or Facebook expressing anger about shoddy treatment by corporates or asking questions, please do not post letters or statements to back up your point.

It astonishes me how often this happens. This week Ahmed (not his real name) shared his gripe with his insurer’s premium increases and then posted two letters from the insurer to support his claims, tagging me.

Both contained his name, his ID number, cell number and e-mail and physical addresses. That’s playing right into the hands of identity fraudsters and others with malicious intent, and it’s a spammer’s gift.

It’s a really, really bad idea to share any of your personal information on a public platform. Thankfully Ahmed took my advice and quickly deleted those images.

• GET IN TOUCH: You can contact Wendy Knowler for advice with your consumer issues via e-mail: consumer@knowler.co.za or on Twitter: @wendyknowler.