Mobile money: Understanding the five fraud types threatening the sector

In 2023, the global landscape for mobile financial services saw the active operation of 310 services, with Sub-Saharan Africa accounting for over half. This region, characterized by low banking penetration, views mobile money as a vital tool for financial inclusion, especially in rural areas.

However, the mobile money sector has become increasingly susceptible to fraudulent attacks and cybercrimes, as highlighted by the Global System for Mobile Communications Association (GSMA). Since its emergence in 2007, mobile money has established itself as an economic growth driver for telecom operators such as Orange, MTN, Safaricom, and Airtel. Despite its positive impact, 84% of professionals within the mobile money ecosystem report a rise in fraudulent activities.

A recent GSMA study, conducted across 34 countries in Africa, Asia, and Latin America, identified five primary types of threats to mobile money, ranked by significance:

Identity theft
This involves impersonating another individual or entity to deceive others. Imposters may claim to be a person in need, soliciting money transfers from relatives or friends under false pretenses.

Social engineering

Fraudsters may pose as someone else to manipulate their target into disclosing sensitive information or granting unauthorized access. This tactic often combines identity theft with deceit, such as a fake mobile money agent requesting personal details to "update" SIM identification.

Insider fraud

Current or former employees, contractors, or business partners exploit their knowledge and access to execute fraudulent schemes against mobile money service providers.

SIM card swapping

This form of identity theft occurs when an individual takes over another person's phone number and/or mobile money account, effectively impersonating the victim.

Cyber fraud

This threat includes unauthorized access to mobile money systems through hacking or deploying malware, often via links sent to users.

The prevalence of fraud, particularly insider threats, is a significant concern for industry professionals, with 94% expressing worry over insider fraud committed by both internal and external parties. Collusion with external fraudsters has emerged as the most common insider fraud scheme.

The increasing attractiveness of mobile money to fraudsters is underscored by its extensive transaction volume. In 2023, mobile money services recorded 1.7 billion accounts globally, resulting in 85 billion transactions and over $1 trillion in funds transferred. Sub-Saharan Africa alone accounted for 835 million accounts, 62 billion transactions, and $912 billion in funds transferred, making it a target for numerous fraudsters.

In response to this illicit interest, various stakeholders, including telecom operators, fintech companies, and law enforcement agencies like Interpol, are intensifying awareness campaigns to educate users on best practices. Recommendations include never sharing security codes, verifying the authenticity of messages, using secure applications from certified platforms, enabling two-factor authentication (2FA), and regularly monitoring transactions for suspicious activity.

Essential collaboration

Given the dynamic nature of mobile money and the escalating threat of fraud, GSMA urges telecom operators to invest in enhanced anti-fraud programs and cutting-edge security technologies, such as artificial intelligence. The association also calls on governments to update legal frameworks to address the specific nuances of mobile money fraud, ensuring robust laws for effective prosecution. Collaboration among stakeholders is critical, encompassing awareness programs, data protection, and regular vulnerability assessments that threaten not only the mobile money sector but the entire financial ecosystem.