4 scams that cyber crooks use to steal your cash

Password. (Duncan Alfreds, Fin24)
Password. (Duncan Alfreds, Fin24)

Cape Town - Cyber criminals employ simple strategies to steal personal and financial information, warned a cyber security expert.

Moves by banks to increase security of cards through chips and the Department of Home Affairs planning to introduce biometric scanning, have driven cyber crooks to smartphones.

“As it becomes more and more difficult to commit card fraud due to the latest technology, mobile smartphones and the dedicated apps they support have become an increasingly attractive alternative for attackers to target,” Xavier Larduinat, senior technologist at Gemalto told Fin24.

READ: SA banks 'coping' amid global cybercrime wave

He said that cyber crooks employ four social engineering methods to target victims:

Spear phishing

“A phishing attack is one in which the perpetrator targets a specific person or organisation,” he said.

This may take the form of e-mails addressed to specific people with topics in which they have expressed an interest. Typical examples include an e-mail from the SA Revenue Service (Sars) or your bank addressed to you with either a refund or payment notice that mimics the organisation.


“This uses company biographies and online profiles to specifically target executives or board members,” said Larduinat.

READ: 6 tips to prevent whaling cyber attacks

In companies, this method has proven effective in convincing junior employees to make payments to service providers at the behest of senior managers.

By specifically targeting executives, cyber crooks have also been able to compromise entire corporate networks and hold PCs to ransom.


“SMiShing is a phishing attack that uses text messages,” said Larduinat, explaining the process.

In SA, SMSs on lottery wins, traffic fines, bank deposit notifications and coupon specials are often maliciously designed to convince consumers to part with cash. Typically, when you respond to an SMS, the scammer demands a “registration fee” or “entry fee” to begin the process of extracting cash from you.

For fines or payments, scammers often pose as collection agents.


“Confidential information is solicited over the phone,” said Larduinat.

Scammers will make calls claiming to represent internet companies warning about virus infections on home computers. They can often obtain personal information from discarded mail and will typically demand payment for their “antivirus solution” which may in fact, install malicious software on home computers.

READ: Hackers, corporates drive security arms race

Larduinat said that identity theft plays a crucial role in perpetuating financial fraud.

“Identity theft is a fundamental component of banking fraud and enables much of the fraud seen today.

“Unlike credit cards stolen physically, which have a limited span of time until the users realise that theft has taken place and take appropriate action, victims of banking credential and identity theft often don’t discover this immediately.

This enables criminals to perform a broad range of financial transactions or contractual exchanges before the situation is remedied,” he added.

How aware are you of these scams? Let us know

- Follow Duncan on Twitter

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For only R75 per month, you have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today.
Subscribe to News24
Rand - Dollar
Rand - Pound
Rand - Euro
Rand - Aus dollar
Rand - Yen
Brent Crude
Top 40
All Share
Resource 10
Industrial 25
Financial 15
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot