The Big Interview: Don't lose thousands to banking scams

With the number of scams on the rise keeping your money and your personal details safe when you bank is becoming even more important. We checked in with the South African Banking Risk Information Centre (Sabric) to find out what scams are defrauding South Africans and how you can identify and avoid them.

Banking app fraud increases by 36%

Reported banking app fraud increased by 36% in 2022, although the actual number may be higher as there are many victims of fraud who don’t report the amounts lost to a criminal scamster! On average, victims of banking app frauds lose R21 836.

Why we are scammed

We are scammed because criminals have become masters at so-called social engineering techniques, which they use to trick you into sharing your personal and banking details, including your cell number.

Don’t ever be embarrassed or ashamed if you become a scam victim. Criminals are doing everything they can to trick you, and they are skilled at committing their crimes and getting you to trust them.

Scams that use social engineering to defraud banking app users include vishing and phishing, as well as smishing.

Vishing

“Vishing is when a fraudster phones a victim posing as a bank official or service provider and uses social engineering skills to manipulate them into disclosing confidential information, while at the same time leading them to believe that they are speaking to the bank or service provider. This information is then used to defraud the victim,” says Sabric.

Phishing emails

“Criminals often use phishing to trick you into disclosing your personal information like usernames, passwords, credit card details and mobile phone numbers,” says Sabric. They may also request OTPs by sending emails that ask you to click on a link. As the email looks like it comes from a trusted source, including your bank, you click, giving the criminal access to your online banking details.

Phishing is no longer just a one email to thousands, criminals often use spear phishing, which is where they target one specific individual. This makes them appear even more legitimate because they are contacting you and only you!

Criminals also use angler phishing to defraud consumers. This is when they use social media to obtain your details, such as setting up a social media account that offers customer support for a particular business or service. Complain, and the criminal engages with you, obtains all your details and uses these to defraud you.

Smishing

Smishing is short for SMS Phishing. “Criminals send an SMS often purporting to be from your bank requesting your personal or financial information such as your account or PIN number,” says Sabric. “Clicking on these suspicious links may install malware onto your phone or could take you to a spoof website where you will be asked to enter personal or confidential information.”

A very concerning banking scam on the rise is kidnapping

“There has been a rise in incidents involving the kidnapping or hijacking of individuals with the purpose of gaining unauthorised access to their banking applications under duress. This criminal activity is a concerning development as it involves threats or physical force to coerce victims into opening their banking applications and initiating money transfers,” according to Sabric.

Keeping your details and your bank accounts safe

Follow these top tips so you are better able to identify and avoid scams.

• Read and follow the tips in emails your bank sends you on fraud and visit the security or fraud centre on your bank's website and your banking app for more security tips. We have listed the website details below.
• Never disclose personal information such as passwords and PINs when asked to do so by anyone via telephone, text messages or email, or on a social media site.
• If you receive a phone call requesting confidential or personal information, or to transfer funds to keep your account safe, do not respond and end the call. You should also report the call to your bank's fraud centre - see below for website links.
• Make sure your PIN and passwords cannot be seen when you enter them.
• Change your PIN and passwords frequently.
• Register for your bank’s cell phone notification service and receive electronic messages relating to activities or transactions on your accounts as and when they occur.
• Install the latest security updates on all your devices.
• Do not click on links or icons in unsolicited emails, SMSs, or WhatsApp messages.
• Place sensible transaction limits on your accounts.

Security and fraud centres of South Africa's major banks:

Absa Security Centre
Capitec Fraud Centre
FNB Security Centre
Nedbank Fraud Awareness
Standard Bank Security Centre

If you suspect a scam or have been scammed

Unfortunately not all fraud victims are reimbursed but to ensure you have the best chance of getting your money back, and that no further fraud takes place, you should:

1. Contact your bank’s fraud centre immediately, cancel your bank cards on your banking app, and make as many notes as you can about the scam call or mail or SMS, such as numbers you were called from, what the scammer sounded like and what information you gave them.
2. Report a fraud case to the South African Police Services (SAPS) at your local police station, make a note of the case number and share this with your bank.
3. Contact the South African Fraud Prevention Service (SAFPS) if your ID or personal details have been stolen.
4. Change any pin numbers and passwords, cell phone numbers, even email addresses, credit and store cards.

Be a skeptic

Protect your money by being ultra cautious and careful - and don’t trust anyone. And be sure to follow our top tips to keep your hard-earned cash safe and sound.