By 2023, 310 mobile financial services were already active worldwide. Sub-Saharan Africa was home to more than half of these. The continent, which has a low rate of banking access, sees this solution as an asset for financial inclusion, especially in rural areas.
Mobile Money, a money transfer service via mobile phones, is now a recurring target of fraudulent and cybercriminal attacks, laments the Global Mobile Operators Association (GSMA). The service, which has earned its place as a lever for economic growth for many telecom operators such as Orange, MTN, Safaricom, and Airtel since 2007, and is a flagship solution for financial inclusion in Africa, is experiencing an increase in these attacks, according to 84% of professionals in the Mobile Money ecosystem surveyed by GSMA. These are people in middle or senior management positions with in-depth knowledge of—and experience with—Mobile Money fraud.
In its study of 34 countries in Africa, Asia and Latin America, published in March 2024, the Association indicates that five main types of threats against Mobile Money have been identified in order of importance:
Identity theft
Impersonating another person, real or not, and/or representing an entity for the purpose of deceiving others. The person or entity that the imposter claims to be or represents may be genuine, fictitious, or created from a mixture of genuine and/or fictitious information (e.g., pretending to be a member of a family in difficulty and asking relatives for money transfers).
Social engineering
Impersonating someone else to manipulate the target into disclosing information, granting unauthorized access, or performing certain actions that lead to fraud. This type of fraud involves identity theft and deception (a fake Mobile Money agent requesting personal information to update SIM card identification).
Infographic: The Main Types of Threats to Mobile Money
Insider fraud
A current or former employee, contractor, or business partner of the Mobile Money service provider implements a fraudulent scheme by taking advantage of their knowledge, skills, experience, or insider access.
SIM swap fraud
A form of identity theft where one person assumes the identity of another by taking over their phone number and/or mobile money account or wallet.
Cyber fraud
Intrusion into the Mobile Money service by hacking the computer system or using a Trojan horse (link sent to a user that introduces malware when clicked)
Fraud and insider threats emerged as a major concern among professionals surveyed by GSMA. Ninety-four percent of them said they were concerned about insider fraud perpetrated by both internal and external parties. Collusion with external fraudsters to commit fraud was identified as the primary insider fraud scheme.
Ali Baba’s Cave
Mobile Money’s growing appeal to fraudsters is explained by the significant volume of financial transactions carried out each year. In 2023, the service already recorded 1.7 billion accounts worldwide, accounting for 85 billion transactions and over $1 trillion in funds transferred. Sub-Saharan Africa alone accounted for 835 million accounts, accounting for 62 billion transactions and $912 billion in funds transferred. This amount of money makes Mobile Money a target for many fraudsters and cybercriminals of all kinds.
Infographic: The players most impacted by mobile money fraud
Aware of this illicit interest in Mobile Money, many players operating in the business sector and in the security sector (telecom operators, Fintech, Interpol, etc.) are increasing campaigns and calls to raise awareness among users about good practices to observe. They insist on the need to never share security codes, because even legitimate companies do not ask for them; always check the authenticity of messages and links received and contact the service via its official channels in case of doubt; always use secure applications downloaded only from certified platforms; activate two-factor authentication (2FA) to increase your security margin; regularly monitor your transactions to detect any suspicious activity and report it.
An essential collaboration
Given the dynamic nature of mobile money and the growing threat of fraud in this sector, GSMA recommends that telecom operators invest more in anti-fraud programs, cutting-edge technologies that support security such as artificial intelligence and rigorous monitoring of third parties (agents, technology providers and other third parties). The Association calls on governments to update and improve legal frameworks to address the specific nuances of mobile money fraud, ensuring that laws are robust enough to enable effective prosecution in such cases. Importantly, the collaboration of different stakeholders on various measures, including awareness programs and information sharing, data protection and regular assessment of vulnerabilities that not only jeopardize the mobile money sector, but the entire financial ecosystem.
Source: Extensia
