Cyberbullying by digital lending mobile application owners has been reported by the Cyber Security Authority (CSA) in Ghana. The CSA has received reports of threats to users of digital lending mobile applications (Apps) that can be found on Google Play Store or shared as Android Package files (APK) via social media.
The Apps offer loans at varying interest rates and payment terms. When subscribers default in repayment, the owners of these digital lending Apps threaten them with having their identities published as wanted persons or fraudsters on various social media platforms and to their contacts. In some cases, the App owners follow through with their threats. Victims have also reported receiving threat messages even though they had not taken such loans.
The commonly reported Apps in this scheme include FourCredy, FiCashX, 4Cedi, Aliloan, Boseapa, CediBoom, Cocoaloan, Mach Loan, Easy Loan, and Onloan.
The victims would typically have granted these Apps permissions during installation (unknowingly or without proper scrutiny), to access their data and personal identifiable information (PII) e.g., name, phone number, Ghana card ID number, contacts, photos, etc.
A Bank of Ghana notice (BG/GOV/SEC/2022/10) states that it has not licensed any company to provide digital lending services of such nature to the public. In addition, these digital lending Apps have not met the compliance obligations of the Data Protection Commission (DPC) and hence their access and use of the data and PII of users are in violation of the Data Protection Act, 2012 (Act 843).
The CSA recommends that the public should avoid subscribing to these mobile applications since they are not sanctioned by the Bank of Ghana and the Data Protection Commission. Individuals who patronize these services do so at their own risk. The public is further advised to review access permissions for mobile applications carefully before installing them.
The CSA has a 24-hour Cybersecurity/Cybercrime Incident Reporting Points of Contact (POC) for reporting cybercrimes and for seeking guidance and assistance on online activities. Call or Text-292, WhatsApp-050 160 3111, Email – report@csa.gov.gh.
This public alert was issued by the Cyber Security Authority on January 12, 2023. The CSA warns that the public should be vigilant and report any suspicious behaviour from digital lending Apps to their 24-hour Cybersecurity/Cybercrime Incident Reporting Points of Contact.