Defend Truth


The Big Issue at risk of closure following R600,000 cyber scam

The Big Issue at risk of closure following R600,000 cyber scam
The Big Issue is battling to survive after scammers robbed it of R600,000. (Photo: Ashraf Hendricks)

It was a targeted attack, says cyber security firm probing the theft from the magazine’s account.

The Big Issue may have to close early next year if enough money doesn’t come in to cover the R600,000 lost in a cyber scam.

“If we don’t get funds from the public now, it will kill us,” says Derek Carelse, managing director of The Big Issue. The Big Issue now hopes to raise enough money through donations to recover the R600,000 and cover operational costs.

On 6 June, The Big Issue received an email purporting to come from their printers, saying the printers were changing their bank account and sharing an FNB account verification letter, which was fake. Over the next three months, R600,000 was paid into this fraudulent account from The Big Issue’s Standard Bank account.

The error was discovered on 6 October. By then it was too late.

“It’s a very simple thing. They imitate the person and the look and feel of the email coming from someone, but it’s not actually coming from them,” says Carelse.

Leon Hannibal is the head of investigations at Wolfpack Risk, the cyber security firm conducting an investigation for The Big Issue pro bono. “This was clearly a case of business email compromise,” says Hannibal. He says from the emails it is clear this was a “targeted attack”. How the fraudsters got login access to the email accounts of The Big Issue and the printers is not clear.

Looking at the attacker’s emails, Hannibal says there are “clues” that make them suspect:

  • The email address isn’t that of the printers;
  • On the bank verification letter sent to The Big Issue by the scammers, there is a reference number that supposedly can be verified with the bank. But this reference number is false.

Hannibal says phishing emails are very frequent and this is one of the most common ways people lose money. According to a Surfshark report, South Africa is the fifth most susceptible country to cybercrime in the world. “We’re very technically advanced but the average person is not very technically savvy,” Hannibal says.

Read more in Daily Maverick: Five things South Africa must do to combat cybercrime

He says the best protection against these attacks is the 2 Factor Authentication (2FA). With 2FA, a second layer of security is created, by requiring a second device to authenticate a login. For example, a unique authentication code (or token) is sent to your cellphone when you try to log in.

The bank

Carelse says that both FNB and Standard Bank have investigated the fraud, but the money has already been withdrawn from the scammers’ account.

In order to open a bank account today, Financial Intelligence Centre Act (Fica) requirements need to be met. This includes an ID number and proof of address.

But Roshan Jelal, Head of Fraud at FNB, says accounts which are opened legally can later be used for “nefarious purposes”.

“Fraudsters use stolen or synthetic identities to open bank accounts, or syndicates employ the services of mules who are properly authenticated and verified, and these can delay the detection and closing down of fraudulent accounts.”

Carelse says The Big Issue had opened a case with the police.

FNB would share relevant information with the police, said Jelal.

Hannibal thinks that banks should be more proactive and that they should be tracing where the money went when it was withdrawn from the fake account. “Was it transferred into another account?” He says that there has to be a paper trail.

“This is not an anonymous bitcoin wallet. It’s a South African bank account,” he says. Banks should have more control over sums of this size, he says.

The cover of The Big Issue’s November issue is dedicated to the scam. It has a bright yellow cover with a big black eye in the centre and the words “DIGITAL CRIME ALERT!” written in bold. The magazine used the scam as a public service announcement. “People really need to know how this thing works. So many people have fallen for this”, says Carelse.

The Big Issue was first launched in 1991 in the UK. The first South African issue appeared in 1996. “We’re essentially a job creation project,” says Carelse.

There are about 120 vendors across the Western Cape, selling “The Big Issue” and the “Little Issue”, a literacy magazine for young learners. The magazine costs R30 and half goes to the vendor. The organisation also runs workshops for skills development such as sewing, supports vendors by helping their children through school and fixing their homes, and also offers health support by bringing doctors to the offices.

Carelse says it’s not clear if they’ll receive their money back. The cost of operations at The Big Issue is around R3.5-million a year. DM

Derek Carelse, The Big Issue

It’s not clear if the money will ever be recovered, says managing director Derek Carelse. (Photo: Ashraf Hendricks)

First published by GroundUp.


Comments - Please in order to comment.

  • Alley Cat says:

    I was targeted by a phishing email that I recognised as such. After I got the scammer’s bank account details, I contacted the bank’s fraud division and asked them if they could trace and arrest the suspect. I even offered to pay some money to make it look like I was cooperating with the scammer, but the bank wasn’t interested. Great work guys!

    • Dominic Rooney says:

      In fairness to the banks, I imagine they have to deal with hundreds of these incidents every day and it’s simply too much effort and cost to pursue these low-level crooks who are often off-shore anyway. I receive phishing emails and ‘phone calls regularly and discard or reject them. It’s got to the point that when I receive a call purporting to come from the bank’s or mobile provider’s Fraud Division I start the conversation with the statement that I’m treating it as a scam call. Anyone who asks for a PIN or to open one’s mobile banking app is a scammer. I suspect one of the endemic problems is that of crooks working in financial organizations who have access to data that makes them appear more credible; and one should not ignore the possibility of one’s own employees being in on the scam. I don’t have much sympathy for the Big Issue publishers – the bogus banking credentials email is an old scam and they should have confirmed the new details with the payee but not via email; they let it run for three months. One must operate on the principal that emails are inherently insecure.

    • David A says:

      Banks are in the business of making money, not fighting crime. I don’t blame them for not being interested. Chances are the owner of the account in their system isn’t even associated with the actual fraudster anyway.

Please peer review 3 community comments before your comment can be posted


This article is free to read.

Sign up for free or sign in to continue reading.

Unlike our competitors, we don’t force you to pay to read the news but we do need your email address to make your experience better.

Nearly there! Create a password to finish signing up with us:

Please enter your password or get a sign in link if you’ve forgotten

Open Sesame! Thanks for signing up.

We would like our readers to start paying for Daily Maverick...

…but we are not going to force you to. Over 10 million users come to us each month for the news. We have not put it behind a paywall because the truth should not be a luxury.

Instead we ask our readers who can afford to contribute, even a small amount each month, to do so.

If you appreciate it and want to see us keep going then please consider contributing whatever you can.

Support Daily Maverick→
Payment options

Otsile Nkadimeng - photo by Thom Pierce

A new community Actionist every week.

Meet the South Africans making a difference. Get Maverick Citizen in your inbox.