On Fri, Nov 11, 2011 at 12:31, J.R. Kirongothi
<kirongothi@kasneb.or.ke> wrote:
The thugs are never asleep devising ways and means of robbing us. I received the following from a friend:
Not sure you've heard of this incident? - Better be safe than sorry!
This incident happened to a colleague recently. A bad experience indeed.
He received a call from someone claiming to be calling from Safaricom. The caller was very composed.
The caller told him "thank you for being our loyal and valuable MPESA customer. You recall we had initially given you a black SIM card but changed to green". He answered in the affirmative. The caller then went ahead to tell him that Safaricom was running a reward promotion scheme for their loyal MPESA customers and went ahead to ask him to confirm his National ID number and year of birth. Unsuspecting, he disclosed that information. Coincidentally his birth year was also his Mpesa Pin no.
The guy posed for a while and asked him whether 19- - (say 1967) was his year of birth .He again answered in the affirmative.
The caller then told him he would be sent Nokia 8230, but before then he needed to dial *33*0000#, which he did. He was then told not to call or transact anything using his line for the next ten minutes as they perform transactions, purportedly at Safaricom, facilitating the process of receiving the Nokia 8230 set. He complied. He is asked about his current location, which information he gives.
After 10 minutes he tried to call back the number to confirm status of the alleged gift only for the following message to appear "Barring all outgoing calls activated for SMS services activated for all data circuit async".
After 15 minutes the wife calls him on his alternate line claiming that someone had called her using his (husband's) safaricom line telling her to send them Ksh.10,000 for his release from arrest. She is baffled and hence decides to use alternate line, only to discover he is safe and sound.
A case of sheer coincidence and utmost gullibility, typical of Kenyans.
As Dennis says, this is simple social engineering attack.
Their other modus operandi is they send you a fake M-PESA message and call you shortly after, telling you that they sent the money to you by mistake and proceed to request you to just (and kindly) agree to send the money back to them (instead of calling M-PESA help line to do the reversing). I remember one such guy even prodded me to deduct kitu kidogo for my soda and send him the rest.