A multi-agency security team has identified a ploy cyber fraudsters use to target retired civil servants and defrauding them of their lump-sum retirement benefits days after it is deposited into their accounts.
The fraudsters are said to be spoofing banks’ customer care telephone numbers or using numbers that are very similar to banks’ numbers normally with just one different digit thus making it easy to convince the retirees that they are dealing with legitimate customer care officers.
The criminals have also been found to be in collusion with sources within banks who inform them when a retiree receives money into their bank accounts.
According to the multi-agency team, the cybercriminals then make a transfer of a small sum, usually between Ksh. 100,000 and Ksh. 150,000 to an Airtel number in a scheme involving bank insiders.
The criminals then call the victim with a spoofed number introducing themselves as bank customer care after which they are told that they have noticed suspicious activities in their account and they want to help them secure their cash before it is all withdrawn.
“Having gained the confidence of the victim, the criminals go ahead to instruct the victim to use their banks’ USSD code and transfer the cash in batches through Pesalink to bank accounts read out by the criminals,” the team stated.
By the end of the ordeal, the victim realizes that they have transferred all their money to accounts in other banks that they have no control of.
“When they reach out to customer care of the banks, they realize it was not customer care that had called them. The victims are usually left penniless as the banks don’t compensate losses that result from their actions.”
