A cybersecurity expert has called on telecommunications companies, particularly mobile money operators, to critically assess their systems for vulnerabilities as mobile money fraud continues to surge across the country.

Speaking on JoyNews' NewsDesk, Yaw Ansu Gyeabour warned that recent reports of mobile money scams point to possible system weaknesses that may be exploited by hackers or insiders.

“These incidents may be due to vulnerabilities within the system that have either gone undetected or are being exploited by hackers. It could also involve insider threats, where information is leaked from within,” he explained.

His comments follow a viral TikTok video by an MTN customer who alleged her MoMo account was emptied without her involvement—one of many such complaints surfacing online in recent weeks.

Meanwhile, MTN’s MobileMoney Limited, in a statement, addressed the growing concerns over fraud on its platform.

However, Mr Gyeabour recommended that telcos urgently conduct ethical hacking or penetration testing to uncover any hidden flaws in their systems.

“There’s something called ‘zero-day vulnerability,’ where a flaw exists in a system or app but it's unknown to the developer, vendor, and user. Ethical hacking helps identify and fix such vulnerabilities before they are exploited,” he said.

Mr Gyeabour stressed the need for proactive rather than reactive security measures, noting that mobile phones host multiple applications that could be vulnerable to external attacks.

Beyond the responsibility of service providers, he also advised mobile money users to be cautious about how they handle unsolicited calls and messages. He cited common fraud tactics such as tricking users into sharing PINs or clicking on malicious links disguised as official communications from telecom companies.

“Never share verification codes or PINs with anyone, even if they claim to be from your service provider,” he warned. “Some links contain malware that can install keyloggers on your phone, recording everything you type, including sensitive banking details.”

He also cautioned users against carelessly accepting cookies from unfamiliar websites and warned of the risks associated with browsing untrustworthy sites, particularly those known for adult content.