Hacked | Security group flags MTN Nigeria *904# recharge code

29/03/2018 Kolade Akinola

now playing

Airtel Nigeria Unveils Commercial Data Centre to Support Businesses, Organisations

29/03/2018 Kolade Akinola

now playing

Xiaomi Poco X3 NFC: A Refreshing Look at the Nifty Smartphone

29/03/2018 Kolade Akinola

now playing

Olawale Ige, ex-Communications Minister, Dies at 83

29/03/2018 Kolade Akinola

now playing

Liquid Intelligent Technologies to Buy Israeli Tech Firm

29/03/2018 Kolade Akinola

now playing

‘Anybody that tampers with telecoms infrastructure is tampering with your future and the future of your children – they should be resisted and reported'

29/03/2018 Kolade Akinola

big_four_mnos_in_nigerian_telecoms_industry

now playing

NCC: Why Nigerian Telcos Can't Hike Rates

29/03/2018 Kolade Akinola

now playing

MTN, Mafab Start Nigeria 5G Deployment in August, NCC Says

29/03/2018 Kolade Akinola

now playing

What’s Inside the Motorola Defy smartphone?

29/03/2018 Kolade Akinola

now playing

Women Get 50% Slots as ADB's Digital Skills Centres Open in Nigeria

29/03/2018 Kolade Akinola

now playing

Non-fungible Tokens (NFTs) and the Future of Capital Raising in Africa

29/03/2018 Kolade Akinola

The *904# code introduced by MTN Nigeria for easy recharge has opened an equally easy gateway for fraudsters to dupe subscribers on Nigeria’s largest mobile phone company, a tech security group in the country has alerted.

Information Security Society of Africa-Nigeria (ISSAN), warns that MTN Nigeria subscribers using the *904# code are now easy prey to hackers because the mobile service opens a back door into users’ account details, according to the group’s report seen by Technology Times.

The MTN *904# code is the so-called mobile Unstructured Supplementary Service Data (USSD) code issued by MTN Nigeria for easy purchase of airtime by its subscribers.

Meanwhile, the technology security group, ISSAN, which evaluated mobile banking fraud trend in 2017 says at its February meeting in Lagos that the affected MTN *904# code has become a vulnerability that allows fraudsters get customers’ account details through gaps in the service.

According to ISSAN, the 904amount# USSD code reveals all accounts linked to the phone numbers, thereby putting subscribers at risk of being duped by fraudsters.

The service is also called MTN on Demand allows MTN subscribers purchase airtime directly from their bank account without extra charges.

Currently, seven Nigerian banks on the MTN platform include Zenith Bank, Diamond Bank, Stanbic Bank, FCMB, Fidelity Bank, First Bank and Access Bank, ISSAN says.

MTN Nigeria, the nation’s biggest mobile phone operator by subscriber numbers, with 53,442,969 active connections account for 36% of the total subscribers in Nigeria, according to the latest market information by Nigeria Communications Commission (NCC), the telecoms industry regulator.

ISSAN suggested that a USSD code be implemented that can allow customers urgently disable their account when their mobile phone is lost.

”There is need to sensitise the customers of the importance of reporting the loss of their phone lines to the bank in order to prevent fraudsters accessing the phones”, the tech security group says.

Also periodic Know Your Customer (KYC) update was suggested by the tech security group to avoid invalid phone numbers on accounts.

Another mobile banking fraud trend in 2017 is inbound remittance frauds that were reported in which fraudsters intercept/hijack inbound Western Union and MoneyGram reference numbers with the alleged help of insiders in some undisclosed financial institutions.

According to ISSAN, ”they use details of the beneficiary provided by an insider to produce fake old national ID (which is unverifiable) to collect/receive the funds. All were encouraged to check that unverifiable IDs are not being used in collection of inbound remittance.”