Wallet hijack: The latest cybercrime trend

Your smartphone’s digital wallet might not be as secure as you think. Cybercriminals have devised a cunning new scheme that turns the convenience of mobile payments against us, using tactics that blend traditional phishing with cutting-edge tech savvy.

This sophisticated scam is gaining traction, with fraudsters targeting unsuspecting victims by exploiting the process of adding cards to digital wallets. They’re effectively mimicking legitimate online payments to pilfer sensitive financial information right from under our noses.

“Criminals have realised that the process of loading a debit or credit card onto a digital wallet is similar to the process of making an online payment using these cards,” explains a spokesperson from FNB. “Both processes require card details to be entered into an online portal and both require the submission of a one-time password (OTP) to confirm the process.”

The scam typically begins with a text message, seemingly from a reputable organisation, requesting a small payment for a service like parcel collection. But there’s a sinister twist: instead of processing a payment, they’re secretly loading your card onto their own digital wallet.

The crux of the scam lies in the victim unwittingly providing the OTP, believing it’s for a small transaction. In reality, it’s the final step in adding their card to the fraudster’s digital wallet. Once complete, the criminal can use the card by presenting their own biometrics, as the card is now loaded on their device.

As these attacks become more prevalent, it’s crucial for consumers to stay vigilant. FNB has shared several strategies to help protect against these digital wallet scams:

  1. Keep calm: Fraudsters often create a sense of urgency to prompt hasty actions. Remember, legitimate institutions will never ask for OTPs, PINs, or passwords under pressure.
  2. Avoid clicking links: Be wary of emails or texts from unknown sources. Reputable banks won’t ask you to click on links in messages.
  3. Scrutinise OTP requests: Pay close attention to the wording. An authentic digital wallet OTP notification will specify which card is being linked to which wallet.
  4. Enable two-factor authentication: This adds an extra layer of security to your accounts.
  5. Follow your bank’s safety guidelines: Stick to official recommendations from your financial institution.
  6. Keep software updated: Regular updates help protect against vulnerabilities.
  7. Verify contact details: If suspicious, contact your bank using details from their official website.

“Consumer and financial institution vigilance is essential to fraud prevention,” the FNB spokesperson emphasised. As our financial lives become increasingly digital, staying informed and cautious is more important than ever.

Reframed is your trusted source for in-depth insights into the ever-evolving world of technology. We delve into the business and culture of technology and the impact it has on life, culture, society and the way in which we work and communicate.