Bank sector warns clients of scams

2018-06-28 06:02

The South African Banking Risk Information Centre (Sabric) has warned clients to be on the lookout for phishing, vishing and SMishing scams.

Phishing emails request that users click on a link in the email which then directs them to a “spoofed” website, designed to fool users into thinking that it is a legitimate attempt to obtain, verify or update contact details or other sensitive financial information. The spoofed website will look almost exactly like that of a legitimate or well-known financial institution. Phishing emails, which are a form of spam emails, are typically sent in large numbers to consumer email accounts.

Vishing is when a fraudster phones their victim posing as a bank official or service provider and uses social engineering tactics to manipulate them into disclosing confidential information, while at the same time leading them to believe that they are speaking to the bank or service provider.

This information is then used to defraud the victim.

SMishing, short for “SMS phishing” is like phishing, except that a user is tricked into downloading malware onto their mobile device which is then used to fraudulently obtain sensitive information by sending out text messages asking users to call a number or click on a link.

“Criminals will use these techniques in the hope of tricking recipients into disclosing their personal information on bogus online platforms or on spoofed websites. And all it takes is a few duped individuals to make phishing a profitable business for cybercriminals,” Sabric says in a statement.

Sabric urges bank customers to institute good habits to avoid becoming victims­:

Do not click on links or icons in unsolicited emails.

Always type in the URL or domain name for your bank in the address bar of your internet browser if you need to access your bank’s website.

Check that you are on your bank’s genuine website before inputting any personal information. Make sure that you are not on a spoof site by clicking on the security icon on your browser tool bar to see that the URL begins with https rather than http. Check for a closed green padlock next to the URL of the website. A green padlock shows that your connection with the website is secured and encrypted.

If you think that you might have been compromised, contact your bank immediately­.

Create complicated passwords that are not easy to decipher and change them often.

Banks will never ask you to confirm your confidential information over the phone.

If you receive a phone call requesting confidential or personal information, do not respond and end the call.

If you receive an OTP on your phone without having transacted yourself, it was likely prompted by a fraudster using your personal information.

Do not provide the OTP telephonically to anybody. Contact your bank immediately to alert them to the possibility that your information may have been compromised.


Inside News24

Traffic Alerts
There are new stories on the homepage. Click here to see them.


Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.

Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire network.