Fraud in the telecommunications sector is costing the South African economy an estimated R5.3-billion/year – and Sim swap-related attacks are a significant contributor, accounting for 60% of all mobile banking breaches.
This is according the Communication Risk Information Centre’s (Comric’s) 2025 sector report, released on Tuesday.
Comric is an industry body funded by MTN, Vodacom, Telkom, Cell C and Liquid Intelligent Technologies that assesses and works to mitigate against risks threatening the sector’s resilience, including infrastructure crime, cybercrime and natural disasters.
“Our sector is under increasing strain from global shocks, technology transitions and geopolitical uncertainty,” said Thokozani Mvelase, CEO of Comric, at a launch event in Sandton.
“Cybersecurity ranks in the top three global risks by likelihood and impact in the next two years. Our infrastructure is a conduit to many crimes that take place across society: extortion, scams and a whole basket of issues all happen over mobile networks.”
In compiling the report, Comric combed through global crime statistics before focusing on telecoms sector-related crime. Once a global perspective was developed, the organisation analysed local crime statistics, comparing local and international trends. Data from its member telecoms operators was also used to compile the report.
Rica? What Rica?
According to Mvelase, in the four months between January and April, Comric member-operators processed around 3 600 Sim-swap requests; only 3% of these were detected to be fraudulent. However, reports from the banking sector suggested the rate of Sim-swap fraud was significantly higher, meaning criminals were taking advantage gaps between security features implemented by operators for Sim-swap requests and the multifactor authentication implemented by the banks for online banking.
To remedy this, Comric has partnered with the South African Banking Risk Information Centre (better known as Sabric) to improve vetting processes related to Sim-swap requests. Mvelase said this has led to a decrease in the number of fraud incidents reported.
Read: Vodacom sees spike in base station crime in some provinces
Closely related to Sim-swap fraud is the issue of fraudulent Sim card registrations that bypass the Rica Sim card registration process. Speaking at the Comric event, the chair of communications regulator Icasa, Mothibi Ramusi, said Sim card fraud needs to be fixed at the point of registration and that network operators have a bigger role to play.
“This is a technical issue. A person cannot register a Sim card onto a network if it is not on the operator’s asset register,” he said.
The telecoms sector faces a host of other cybersecurity risks including Sim-box fraud, phishing, ransomware and malware. Comric data showed that 95% of cyber incidents are related to human error, suggesting gaps in awareness posed the biggest threat. But Mvelase argued that raising awareness, usually done through training, is not enough if it does not lead to changes in user behaviour.
“We need to change the posture around cyber awareness, meaning we need to look at behavioural issues, because sometimes just doing awareness on its own does not help,” said Mvelase.
Another risk harming the telecoms sector is infrastructure theft and vandalism. According to Mvelase, Comric member-operators collectively lose an average of R150-million in revenue every three months due to this.
In the year from March 2024 to March 2025, diesel theft cost the sector between R250-million and R350-million, according to Comric’s report. Damage to and theft of generator sets were estimated at between R150-million and R250-million.
Other costs include security infrastructure and personnel, penalties resulting from defaults on service level agreements, customer churn due to network downtime and increases in the price of insurance. In total, Comric estimates that infrastructure crime cost the sector between R1.9-billion and R2.8-billion over the period under review.
Expansion
“This is before we even consider the downstream impact on other sectors that lost business because there was a disruption in connectivity. If we don’t arrest crime in the country, we will only find that these issues will escalate,” said Mvelase.
Read: South Africa must tackle Sim card fraud to escape FATF grey list
Comric chairman Peter Goss said that despite the insights gleaned from the report, the organisation’s ability to get a clear picture of how crime impacts the telecoms sector is limited by virtue of it only having five member operators. Goss said one of Comric’s goals in the next year is to expand its membership. – © 2025 NewsCentral Media
Get breaking news from TechCentral on WhatsApp. Sign up here.