For people who get their one time password for online banking by SMS, this story is cause for concern.

The Novalis Ubuntu Institute lost almost R100 000 when a Johannesburg-based syndicate hacked into its bank account. The syndicate managed to obtain the institute's one-time security password needed to carry out online transactions.

They persuaded MTN to swop a sim card so that the one-time password was sent to them, and not to Ubuntu's chief financial officer, Anne-Lise Bure. A total of R90 460 was taken from Novalis's Standard Bank Internet banking account.

A sim-swop allows a cellphone user to replace a lost SIM card while keeping the same cellphone number.
full story from IOL here