Defend Truth


Kafka, the bank statement and the cellphone company: A mundane story of a minor modern fraud


Mike Wills is a journalist and talk show host.

Fraudulent stop orders and debit transfers have become a part of our electronically governed lives. When a bot starts ripping off your account on a monthly basis, be prepared to go down a rabbit hole of Kafka-esque proportions. And hang on to any reference numbers the anonymous voice at the call centre might provide.

This is not a dramatic Shakespearian tale “told by an idiot, full of sound and fury, signifying nothing”. Excepting maybe the idiot bit, this is actually the reverse of Macbeth’s famous lament as it’s a tedious tale full of banality and bureaucracy, signifying a heck of a lot.

The sum involved is small – R689 to be exact – but, like butterfly wings that flap, that number expands exponentially into billions.

The wearisome journey begins with your anti-hero in March 2019 belatedly doing a thorough check of his Standard Bank online statements and immediately spotting two curious transactions appearing on a monthly basis.

MTN-SP” had taken R405.49 via “debit transfer” on 27 December 2018, and then R228 on both January 25 and February 25 2019. And “Safeguard” had taken R129 by “service agreement” on the 25th of every month since October 2018.

We didn’t have any MTN contracts and Safeguard meant nothing to me but, given the irritating fact that payee lines on statements are often completely different from the brand I had engaged with, it remained possible that these were legit transactions.

I phoned the Standard Bank fraud line which was answered promptly enough. Who are these guys? I ask. Can’t tell you, says the efficient voice, but for a fee of R60 we will e-mail contact details. Okay, I said, send me the stuff on Safeguard and I’ll get in touch with MTN myself.

The contact number provided for “Safeguard” belongs to Premier Growth Group which reports is a family-owned Durban-based financial services company trading as The Unlimited Group. Their brand pay-off line was “Shifting Lives” but the woman who answered my call was certainly not interested in shifting my life in any positive way. She said the 11-digit reference from my statement had no meaning for her, my ID number is not in their system, and, even though they did have a Safeguard product, they had no policies for R129. It’s “clearly nothing to do with us and go away” was the message.

At MTN’s office in Cavendish Square, Claremont, it was immediately established by a competent, friendly person that the MTN-SP transaction was registered as a contract sold by telephone from Randburg and was obviously fraudulent. At this point, I optimistically assumed on decisive action and a prompt refund to protect the MTN brand name. Fat chance. The next line was “what you must do is…”. Contrary to every principle of good service, in MTN’s view, this was clearly my problem and I needed “a police affidavit, stamped bank statements and a copy of my ID” before they would lift a finger about the fraud committed in their name.  

I phoned the bank back to confirm the frauds. They could immediately reverse any transactions within the past 41 days on these two accounts but anything before that time was not possible (why 41 days?). They also could put a block on future payments to these accounts but at a separate charge for each of them.

It was starting to piss me off that I was being charged for the bank’s own system failures but I asked for the reversal of any payments within the peculiarly prescribed window and requested the account blocks.  

A month later, no refunds had been made and the suspect accounts had been paid again on the 25th which cued a grumpy call back to the bank fraud line where a reference number on the previous call was requested (do I sound like the kind of guy that keeps that sort of thing?) without which they couldn’t trace the request and the process had to start again. The amounts were finally reversed but … this was where it got really weird … I was told that if the fraudsters each month so much as changed one digit on the automated code references, or altered the amounts by a single cent, then the payment blocks wouldn’t work and the money (and the fees for the ineffective block) would still go out of my account. Which the bad guys clearly know because that’s exactly what they’ve been doing, changing the reference codes each month.

So, I said in a bewildered voice, I cannot ever kill these things, they live forever, and I have to phone every month after the fraudulent payments are made to get them manually reversed? Yes, was the calm reply, as if this were perfectly logical and … extra weirdness alert … the only way to properly fix this was to close my account and open a new one. Which would be a monumental ball ache but I considered doing it immediately until I was informed that I should wait until I get my refund from MTN (of the R689 in payments made before the 41-day limit) because that could only be repaid into the same account that was defrauded.

I now felt lost in a Sisyphean world (Sisyphus was the oke futilely rolling the stone uphill forever as a punishment, if you’d forgotten) but I doggedly got stamped statements from the bank and headed to the normally efficient Rondebosch SAPS for an affidavit where an interesting philosophical question was immediately posed. Where was the crime committed? 

I can only report this crime at Rondebosch police station if it was committed in Rondebosch. Because I originally discovered the fraud while logging on at home within their catchment area I am okay, but if I’d made the discovery when I was in Pofadder, for example, then, according to the SAPS system, that would be the scene of the crime and I would have to go there to report it. But where was this crime actually committed? It could be Bangalore, Polokwane, Sea Point, Beijing or the Kremlin. Who knows where these bastards actually operate from, assuming they’re human and are not bots. Which prompts another deep conundrum worthy of Wittgenstein – can you arrest a bot?

Back to the irksome (I am working the online Thesaurus for synonyms of tedious) pursuit of justice or, failing that, R689. I had taken a printed report of everything, including payment reference numbers, to the cop shop in the hope that this could simply be stamped and signed. But … more weirdness … the police report had to be handwritten (is this 1956?) by an officer … very slowly. And they didn’t do affidavits, but assured me that the case number, which would be texted within 24 hours, would suffice.

The case number appeared as promised (score one for SAPS) and back to MTN I went. You must have an affidavit, he said coldly. SAPS don’t do affidavits, I said. Yes, they do, he said. The case number should suffice, I said. No, it doesn’t, he said. Cue an uncharacteristic hissy fit that his company had defrauded me and he was making me jump through meaningless hoops to get my money back followed by immediate guilt about this hapless underpaid bloke trapped in seven shades of work life hell listening to my ranting. We’ll see what we can do, he said, and the paperwork was grudgingly filed. Someone, I am told, will be in touch within 48 hours under reference #42089653529 (sadly I have now become the kind of guy who does keep these details).

More than two weeks later, predictably I’ve heard nothing and have devoted way too many hours for my sanity to getting nowhere in the hunt for my pittance. This, I assume, was the desired outcome in order to make me give up. And my bank accounts are still having fraudulent sums sucked out of them each month even though everyone knows there’s criminality going on. Are these guys using Franz Kafka as a consultant? Or is George Orwell writing their scripts?

Other than for my own catharsis, why am I inflicting this humdrum tale upon you? Precisely because it is so humdrum. No one was alarmed, concerned or sympathetic. This kind of fraud is just part of the system and the response is now completely institutionalised. And this is not a 419 scam or obvious phishing or slack clicking by me on dodgy links, these are direct monthly payments sucked out of my account without any evidence provided of my consent. And this is consequence-free criminality. No risk. I know what they are doing but can never find them and there is no disincentive for them to just keep trying every month. Not one of these blokes has ever been prosecuted as far as I am aware. (And, no joke, as I am writing this I get a text notifying me that the “MTN” debit fraudsters have upped their game this month to R707 … and I have now spent 30 minutes so far holding on the line without a human answer to get it reversed).

I am sure at exco level at Standard Bank (and every other bank) this fraud is a monthly dashboard ratio which either rises or falls and is “managed” accordingly. Like all lump numbers, it renders the problem impersonal and there’s no appreciation that each incident represents a total failure of the business.

Trust me, I have spared you many wearisome byways and detours as I have recounted my draggy tale, but enough already, I hear you scream, with the bromidic, arid, ho-hum, pabulum (just clearing out the remaining Thesaurus synonyms for tedious) story. Just tell us what can be done about it.

In the UK, no money can be deducted from a bank account without explicit consent for each payment; we need that system here urgently.

Online bank statements should accurately reflect who we have paid money to – the constant disconnect between the unrecognised name on the statement and the brand name we interacted with is a big barrier to spotting fraud. And those statements should automatically store a contact number and address for each transacting entity. Debit orders on statements should contain links to scans of signed approvals.

As consumers we should stop requiring immediate access to products – there should be hassle, delay and process in committing to a 24-month debit order on your account for a cellphone. That is a safety mechanism.

We should also be wary of demanding more convenient mobile access to banking – tap and go, instant app transfers, verbal payment details, click click money gone – because that makes the system much more vulnerable.

Cellphone companies should stop selling contracts via phone. It’s a practice wide open to abuse and the MTN office had several people in it who’d verbally agreed to an unsolicited “Summer Special” via their phone only to find mysterious and inflated debits.

SAPS must shift from handwritten documentation (maybe save 40 years by skipping out typewriters and PCs and going straight to cellphone scanning). They should also set up a dedicated reporting space (logically it should be online) to report and act against online fraud. Plus they urgently need a new definition of “scene of the crime”.

And, please, can someone create a nasty virus – the virtual equivalent of that purple dye in ATMs which explodes when cash is stolen – which automatically targets anyone trying this type of fraud and crashes their computer systems, gives them herpes and forces them to visit a cellphone company office with a handwritten police affidavit and stamped bank statements just to get their lives back. DM


Please peer review 3 community comments before your comment can be posted