Alright. People have been subjected to a new con game in which fraudsters use Safaricom’s 0722000000 line to reach out to customers and lie about their intentions for one purpose: to steal from them by emptying their M-PESA wallets. This sad conversation has been going on for a while. It was reported widely in early 2019, gained momentum over the months, and reached its peak later that year after a couple of Twitter users, most of whom confess that they are savvy enough to smell a fraudster from a mile away, fell prey to these criminals.
Before we can examine the details of the scam, let’s address a few basics.
Yes, people are being called by Safaricom’s official number (0722000000)
Often, we have a series of customer care queries, and for those that cannot be solved via its 100 call centre or social media engagements, the carrier sees it fit to reach out to affected customers via the named number. It is a standard line because, well, Safaricom is Kenya’s biggest mobile operator, and the majority of people have interacted with it before, or have been told that that is their official line.
This situation has since created a channel for thieves, who have understood that their target will believe them if they engage them in their crafty con game. Surely, who wouldn’t believe a call originating from the number, bearing in mind that our Safaricom lines are tied to many services that may need further clarification from the carrier by way of a phone conversation?
Affected parties have good money in their M-PESA
It should be noted that people who have fallen victim to this form of fraud are not many, but the suspicious thing is that they have a substantial amount of money in their M-PESA wallets. That is the kind of information that only folks at Safaricom have access to, and if we extrapolate from this premise, then it is a sound assumption that these cons have a relationship with the carrier, and that is as dangerous as it sounds. To this end, we have come to understand that some of these cases are targeted by design, and some people have even mentioned that they got a call from 0722000000 quizzing them about their M-PESA details. Most of them had thousands of shillings loaded up in their accounts!
But how come Safaricom does not have enough checks on people who have access to the 0722000000 extensions?
In the past, people could get called by their loved ones, friends, or family that worked at Safaricom with the named number. It is one of those things Safaricom staff used to do, perhaps to genuinely reach out to their people (I am not sure if it is illegal to make personal calls using the extension) or to flex to them that they have a unique number. This activity has however not been common, maybe because Safaricom restricted access to approved employees or some other security reason. This has also been confirmed via a Twitter user who says that very few people can use the extension for external calls.
But still, people are being defrauded. But how?
Caller ID spoofing
This is an old technology that changes the caller ID shown to the person being called to a number of the caller’s choice. While there are apps that can do this, pulling it off so that the 0722000000 number is displayed is not something many people can do. Thus, it is likely that whoever is making these criminal calls has good IT knowledge, or has been apprised of security breaches at the carrier that they can take advantage of. The details of the exercise have been discussed extensively and excellently by a Twitter user called Pauline.
Today I want to educate Kenyans on the new Safaricom con game on the Kenyan market. They say knowledge is important only when shared. A thread. pic.twitter.com/jZanzMK1Jb
— Pauline. (@kot_hacker) January 7, 2020
Anyway, she summarizes the thread by saying that while the hack is possible, most of it is done by insiders who understand Safaricom’s system and can play around with it.
Oh, this con game is a little different too
You see, M-PESA has been targeted by criminals because it is wildly popular and gives cons a large pool of users to toy around with. It is analogous to Windows being vulnerable to malware and viruses because millions of people use it, unlike Linux distros that are secure because the number of people using them is significantly smaller. The same thing can be said for Equitel, which has attracted a fair share of fraudsters.
Ordinarily, thieves randomly pick a number and spam it with social engineering SMSes or calls.
However, this new scam, as mentioned, does not rely on probabilities. The callers appear to know who they are calling, and they engage you in a manner that will make you trust them by asking personal questions and giving you ID details that they somehow have at their disposal.
Who has been affected?
There are several people that have fronted their stories on Twitter. It is a long conversation with damning details, so here are two threads that you can start with:
Conmen are now calling using Safaricom's official number. The game done changed
— Dan Riro (@Danfar_) January 6, 2020
To answer a bunch of y’all, here’s what happened….
— Njeri, dadake Kingston (@jnmukira) December 16, 2019
Possibly, additional people that may have been affected do not have social media accounts to detail their cases.
Safaricom, as always, will tell you to report the matter to the nearest Police Station, but we know how all that goes in the long run.
Other people cannot disclose being conned because they are embarrassed or fear being shamed by their listeners.
At the same time, the carrier has always insisted that customers should never reveal their M-PESA PINs to anybody, not even people claiming to be Safaricom staff. This is right by all means, but it does not eliminate the fact that some people are not aware that PINs should be kept secret, and are subject to being shamed when they are scammed.
Investigations and remedies
In response to these claims, Safaricom says it will investigate all cases.
‘No stone will remain unturned,’ Safaricom said to one of its customers.
In the past, the operator fired workers who were involved in several cases of fraud and theft, including an employee that emptied an M-PESA account of a deceased customer.
Besides the probe, which we are confident will be thorough and will see some people charged or sent home, the carrier needs to do a better job by ensuring that the use of 0722000000 is strictly for customer care services and nothing else. It also has a lousy rapport, so there is a lot of work that needs to be done to restore the faith that you and I had in it.
There are some cases where the number is saved in a target’s phone book: a different phone number is saved as a contact, but 0722000000 is entered in place of the contact’s name, so a call from that number displays as 0722000000. It can be identified by those who are keen, but it can easily be used to defraud you, especially if the thieves are people close to you. Just check your phone book if you are suspicious.
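The phone book check described above can be automated on an exported contacts file. The following is an added example, not part of the original article: it assumes the contacts have been exported in vCard (.vcf) format, the function names are hypothetical, and the sample entries are constructed.

```python
import re

# Constructed sample export; 0722000000 is the line named in the article.
SAMPLE_VCF = """BEGIN:VCARD
VERSION:3.0
FN:Mama Njeri
TEL;TYPE=CELL:+254 711 000 111
END:VCARD
BEGIN:VCARD
VERSION:3.0
FN:0722 000 000
TEL;TYPE=CELL:0733-000-222
END:VCARD
BEGIN:VCARD
VERSION:3.0
FN:0722000000
TEL;TYPE=WORK:+254722000000
END:VCARD
"""

# A display name made only of digits and phone punctuation.
NAME_IS_NUMBER = re.compile(r"\+?\d[\d\s().-]{5,}")

def normalise(number):
    """Reduce a Kenyan number to national digits (drop +254, 254 or 0)."""
    digits = re.sub(r"\D", "", number)
    return digits[3:] if digits.startswith("254") else digits.lstrip("0")

def parse_vcards(text):
    """Yield (display_name, [tel, ...]) for each card in a vCard export."""
    name, tels = "", []
    for line in text.splitlines():
        key, _, value = line.partition(":")
        prop = key.split(";")[0].upper()  # strip parameters such as TYPE=CELL
        if prop == "BEGIN":
            name, tels = "", []
        elif prop == "FN":
            name = value.strip()
        elif prop == "TEL":
            tels.append(value.strip())
        elif prop == "END":
            yield name, tels

def suspicious_contacts(text):
    """Contacts named like a phone number that none of their numbers match."""
    return [(name, tels) for name, tels in parse_vcards(text)
            if NAME_IS_NUMBER.fullmatch(name)
            and normalise(name) not in {normalise(t) for t in tels}]

print(suspicious_contacts(SAMPLE_VCF))
```

Only the second constructed contact is reported: its name reads as 0722 000 000 but it dials a different number, while the third contact is named after the number it actually stores.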
Lastly, keep your PINs a SECRET.
My friend and I were deducted 1 bob, and when we asked we were told that we applied for a Skiza tune, which we have never done. Two customer care callers whom I called hung up on me twice, and when I called the third time one said I hung up on them (which is a lie). How they are signing up people like my friend and me for Skiza tunes without our consent, and applying Okoa Jahazi without my consent, is a fraud. Also, sending me messages that I don't have enough bundles at night when I am asleep could also be a sign of trying to hack into my M-PESA account (which makes me switch off my phone, because I end up waking up finding my phone still on and I have to reply to the message and my phone battery is almost down). So they need to follow up on what they are doing or their karma will get them.
Maybe you were so defensive when calling. At times they are allowed to, especially if you are rude. But I believe it’s not possible for them to give Okoa Jahazi without your consent. It happened to me once and I was so mad with the agents, only to realize I bought Tunukiwa and, since I did not have enough airtime, was prompted to take Okoa. Also, a Skiza tune may be copied when calling someone, I guess by mistake, or a friend or small siblings may take advantage and subscribe. In short, I have learnt a lesson. Before criticizing, analyze; you may spoil the customer care agent’s day yet you are wrong. They are human and bound not to stand some provoking. At times, put yourself in their shoes.
Until Safaricom is forced by the government to repay / refund customers for EVERY shilling fraudulently stolen from an MPESA account by any scam, nothing will change.
It is up to Safaricom to secure every shilling deposited into a MPESA account.
Every business partnership is established on trust. If Safaricom LLC proves otherwise, we will mount a fierce campaign to dislodge it from market dominance.
Very, very true. I was conned in a very funny understood way! It hurts, but knowing this is going on, Kenyans, be keen; let’s all cooperate and have an open mind. They go ahead and block you, in that you cannot contact any other Safaricom help lines, including this reversal no. 456 for M-PESA! Really, really! It’s truly said, a con game!
Keep watch people!
My friend was defrauded by Safaricom’s staff. The money she had received to pay for her school fees, and she sent it to KCB MPesa, was stolen without revealing her PIN! She was directed to dial numbers on the keypad while on the call. I guess they use the method to authorize the transfer, together with your voice. By answering “yes” to a random question, you give them authenticity to proceed. Until today, my friend’s education halted. Safaricom, Mungu Anawaona.
This happened to me just last Saturday 😭. They didn’t ask for my PIN or anything suspicious. They just got me on a call on speaker and asked me to dial some USSD code. 3k gone just like that. It was so smooth. I was lucky, since that was the only amount I had.
Now they are scamming using Okoa Jahazi / Okoa Bundles. They will impose an Okoa Jahazi that you have never taken and deduct any airtime you put on your phone. When you call in, the customer care agents become rude and defensive.