’Tis the season to be vigilant: scammers are ramping up their activities as consumers do their Christmas shopping.
This time of the year often sees a rise in fraudulent activities, with scammers becoming more aggressive and sophisticated. In a recent interview with Sindy Mabe of eNCA, Roy Retief, the head of operations at the South African Fraud Prevention Service (SAFPS), advised consumers to exercise caution.
“If you’ve shared something that you don’t think you should have shared, contact your bank immediately so that they can put the necessary processes in place to prevent you becoming a victim.”
Retief said South Africa is experiencing similar trends in banking fraud to those in other countries.
“We work with organisations in the UK, the Netherlands, and Australia, and we’re seeing very similar trends in terms of impersonation fraud, and specifically financial fraud, banking scams, and so on, happening in South Africa as well. And I think this is due to us being part of the global village, as they call it. With digitization, crime spans international borders,” Retief said.
He said although these crimes are not new, scammers continually evolve their methods. “As people become aware of one crime scam happening, they’ll change it slightly, change the nuances, so that they can further their crime. So, it’s a constant education that needs to happen with consumers so that they don’t fall victim to these crimes,” Retief noted.
Fraudsters are becoming increasingly creative – for example, employing “shock” tactics.
“So, for example, if you look at your typical phishing scams, we’ve all gotten those emails purportedly from our bank saying, look, you need to be re-FICA-ed. If you don’t do this, we’re going to freeze your account, and it looks exactly like an email coming from your bank,” he said.
He advised checking the sender’s email address closely, because “when you look at it, superficially, it looks like your bank, but if you click on that, you’ll see it’s coming from a very different email address”.
Examples of recent scams doing the rounds, often shared on social media, are false offers of prizes to mark retailers’ anniversaries or ridiculously cheap flights.
“The general rule of thumb is, if something appears to be too good to be true, it probably is,” Retief said.
Phishing, smishing, and vishing
The South African Banking Risk Information Centre’s 2022 annual crime statistics report highlights a sharp rise in digital banking fraud, with incidents up 36% from the previous year.
Financial losses per online fraud case increased by 9%, driven by phishing and “vishing” scams. However, mobile banking fraud fell by 9%, and SIM swap incidents fell from 87% to 76%. Card fraud overall decreased by 18.4%, although “vishing” tactics were used to target card-not-present transactions.
Statistics from the banking division of the National Financial Ombud Scheme (NFO) show that banking scams are the leading cause of formal complaints. In 2023, out of 8 521 cases opened with the Ombudsman for Banking Services (the NFO’s predecessor), 3 380, or 43.5%, were classified as fraud.
Read: OBS reports record high complaints in 2023 as it transitions to NFO
In an article published in BluechipDigital, Reana Steyn, the first head ombud of the NFO, advised consumers to be cautious of phishing, vishing, and smishing scams.
She explained: “These involve the fraudsters sending deceptive emails (phishing), SMS messages (smishing), or making phone calls pretending to be from the bank or some other legitimate organisation or service provider (vishing). Victims are requested to insert their internet banking passwords and PINs into the links sent to them via emails or SMSs purporting to be from the bank or tricked into sharing their bank card numbers and/or OTPs as part of a verification process or by claiming that there is an urgent need for it.”
Steyn also highlighted another prevalent scam: fraudsters posing as bank representatives to inform victims of alleged fraud in their accounts. They convince victims to provide their internet banking details and then transfer funds into their own accounts under the guise of moving the money to safety.
Additionally, Steyn warned about SIM-swapping fraud:
“Fraudsters deceive the victim’s mobile service provider and get a new SIM card with the victim’s phone number. With the victim’s incoming calls and messages now diverted to the fraudster’s device, they can intercept OTPs and gain unauthorised access to the victim’s online accounts or perform fraudulent transactions.”
Fear, urgency, authority: scammers’ three basic tools
Momentum Group’s cyber security team warns that scammers are out to exploit people’s deepest human weaknesses and evade rational thought to manipulate the emotional responses. The fundamental strategies scammers employ are fear, urgency, and authority.
Fear is a powerful tool in a scammer’s arsenal. Fraudsters often use intimidation and official-sounding threats to instil fear, such as the risk of violence, legal action, or arrest. These tactics are designed to provoke emotional responses, such as sadness or panic. For example, a scam call claiming that a loved one is in immediate danger can trigger a frantic search for a solution. Momentum Group advises staying calm in these situations, as the aim of these scams is to elicit a hasty reaction.
Urgency is another tactic scammers use to exploit emotional vulnerability. They create high-pressure situations with tight deadlines to prevent you from taking a moment to think things through or seek advice from trusted sources.
Scammers may present deals that seem too good to be true, compelling you to act quickly without careful consideration. Momentum Group highlights the importance of maintaining scepticism and questioning anything that seems overly favourable or urgent. Always verify the legitimacy of offers and take time to make informed decisions.
Authority scams involve fraudsters impersonating figures of authority such as police officers, government officials, or bank representatives. These scams are executed through various methods, including phone calls, texts, and emails. Momentum Group’s Cyber Security Team underscores the need for vigilance when interacting with individuals claiming to be authority figures. It is crucial to verify their identity before sharing any personal information or financial details.
“Should you find you are in a predicament with scams, make sure not to pay more money and immediately focus on stopping further losses; gather all information about the incident while it is still fresh. Next, investigate ways to repair the damage and avoid getting scammed, in the future,” Momentum advises.
Momentum Group’s Cyber Security Team provides the following 10 tips to protect yourself:
- Staying current on the latest types of scams can help you to identify the risks and learn how avoid them.
- Don’t be embarrassed about reporting a scam. Because the scammers are cunning and clever, there’s no shame in being deceived. By reporting it, you’ll make it more difficult for them to deceive others.
- Do not make attempts to scam your scammer. You may potentially end up getting scammed, again. Consumers should report fraudulent interactions to the SAPS.
- Check accounts regularly and report unusual activity to your bank.
- Always verify the legitimacy of people or companies requesting access to personal information or money.
- Keep sensitive information, such as how and where you store passwords, private.
- Never click on links unless you are 100% sure where the link is from and where it may take you.
- By accessing your free annual credit report, via South Africa’s several credit bureaus, you can identify fraudulent accounts or loans and can address the situation with the relevant institution.
- Be wary of Hotmail or Gmail addresses that are supposedly coming from established companies.
- Avoid accessing sensitive services such as your email or internet banking when using public wi-fi networks.
