New wave of fraud targeting bank customers

Issue 1 2022 Editor's Choice

Fraud continues to pose the risk of serious financial losses for banking customers. All indicators are pointing towards the fact that there are new scams and an increasing number of the victims, warns Reana Steyn, the Ombudsman for Banking Services (OBS).

The basic modus operandi of these scams is not new. However, over the years, there is a constant change in the execution techniques that fraudsters have applied. “The success of these scams and their evolution, is heavily guided by how the consumer will react in each situation,” advises Steyn.

Steyn highlighted two recent matters that were investigated by her office where two private banking customers fell victim to the same scam under the exact same circumstances. The story behind convincing the victims to disclose their confidential banking information was new. However, the basic scam remained the same, as did the results.

The new phishing MO scam

Mr M* advised that he received emails supposedly from the South African Post Office. The emails informed him that he had unclaimed packages waiting for him at the Post Office head office. He advised the representative in the email that he in fact had a package at the Post Office which he was aware of and had not collected yet. Mr M then received an SMS from the Post Office advising him to pay a fee of R42.50 for the package to be released and sent to his nearest Post Office.

Mr M followed the instructions on the link he received and the link opened to a payment option on an official Post Office payment page. He then inserted his card details and received an 'Approve It' message on his cellphone. He accordingly approved the transaction. Immediately thereafter, he received another 'Approve It' message from his bank and he noticed the word Singapore and realised that he was being defrauded. He immediately reported the fraud to his bank and instructed the bank not to release the pending transaction of R16 061.80. However, since the transaction was authorised with the use of the card details and the 'Approve It' message, the bank had already released the transaction and refused any liability for the loss that was suffered. Mr M then reported the incident to the OBS and asked for assistance with his complaint against the bank.

The OBS determined that Mr M had in fact made the payment himself and approved the transaction through his banking app. The OBS further found that although Mr M advised that he thought he was making a payment for R42.50, however, the message he received from the bank for the authentication of the payment read: “You are about to make an online purchase of CHF 1000.00 at BIGO Live”. Since it was clear from the message that the payment was not to the Post Office and that the purchase amount was not R42.50, the OBS found against Mr M and concluded that he was unfortunately a victim of a phishing scam where he willingly compromised his confidential banking details.

Fraud claims/losses exceed R295 million in 2021

Steyn warns that banking fraud has become a very lucrative business for online scammers. The banking fraud matters investigated by her office in 2021 alone (the amounts claimed as losses by the victims of the various types of banking scams) exceeded R295 million. “This is an extremely worrying trend, especially when considering that these funds are mostly lost by individuals and small businesses who, in the majority of cases, are not in a financial position to suffer any kind of financial setback. In addition to the negative effects of Covid-19 on finances, most of these victims will sadly never be able to recover from these financial losses,” says Steyn.

The Ombudsman confirmed that it was unfortunate that, in most of these matters, the amounts that were claimed were not recovered as they had already been withdrawn by the fraudsters. In fact, Steyn reiterated that the losses were largely due to the victims falling hook line and sinker to typical and well-publicised scams.

The latest wave of scams to look out for in 2022

According to the OBS’ 2021 records, the Ombudsman received and investigated over 2880 banking fraud related cases. This was a significant increase of 7,5% from the fraud cases that were investigated in 2020. Most of these matters were due to bank customers falling victim to internet banking fraud, credit card fraud, current account fraud and ATM card swap scams.

Steyn advised that these scams are avoidable and called on bank customers to be extra vigilant in 2022 to ensure that they (individuals and businesses) do not suffer significant financial losses over a scam that could have been avoided had someone taken the time to consider the possibility that they are being defrauded. Never provide confidential banking details to a stranger over the phone or enter these details on a link received via email or SMS. Finally, never accept assistance from a stranger at an ATM, Steyn cautioned.

Steyn emphasised the point that no legitimate caller or email from the bank will ever ask a bank customer to provide their card number, passwords and especially an OTP over the call or a link. She further advised consumers to refrain from using any links that are received to make payments. Consumers should be extra vigilant when it comes to a link where you are instructed to put in your banking account details that can be used to access the funds from your account.

Knowledge is power

The nature of the fraud landscape is that there is a specific theme to all of the scams that fraudsters use, it is the execution of these schemes that change all of the time. Here are some tips that the public can use when presented with a possible fraudulent scheme:

• Banks will never ask you to confirm your confidential banking information over the phone.

• If you receive a phone call requesting confidential or personal information, do not respond and end the call. Contact your banks fraud hotline immediately.

• If you receive an OTP on your phone without having made a transaction, it is likely that it is a fraudster who has used your personal information. Do not provide the OTP to anybody. Contact your banks fraud hotline immediately.

• Do not click on links or icons in unsolicited emails or SMSs.

• Do not make payments into an unknown person/merchants’ account without first verifying their authenticity. If you are unsure, go to your nearest bank branch and speak to a representative.

• When doing online shopping, only use your card to make payments on secure websites.

• While transacting, always keep an eye on the ATM card slot to ensure that your card is not removed, skimmed and replaced without your knowledge.

• Report lost and stolen cards immediately.

• Be alert to your surroundings. Do not use the ATM if there are loiterers or suspicious people in the vicinity. Also, take note that fraudsters are often well-dressed, well-spoken and respectable looking individuals.

• Key in your PIN in such a way that no one else can see it e.g., cover your PIN when punching in the numbers even when alone at the ATM as some criminals may place secret cameras to observe your PIN.

• Don't let anyone stand too close to you in order to keep both your card and PIN safe.

Find out more at [email protected], www.obssa.co.za




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

CCTV control room operator job description
Leaderware Editor's Choice Surveillance Training & Education
Control room operators are still critical components of security operations and will remain so for the foreseeable future, despite the advances of AI, which serves as a vital enhancement to the human operator.

Read more...
A passport to offline backups
SMART Security Solutions Technews Publishing Editor's Choice Infrastructure Smart Home Automation
SMART Security Solutions tested a 6 TB WD My Passport and found it is much more than simply another portable hard drive when considering the free security software the company includes with the device.

Read more...
Navigating the complexities of privileged access management
Editor's Choice Access Control & Identity Management
Privileged Access Management and Identity Access Management are critical pillars of modern cybersecurity, designed to secure access to sensitive resources, enforce principles like least privilege, and implement just-in-time access controls.

Read more...
Rewriting the rules of reputation
Technews Publishing Editor's Choice Security Services & Risk Management
Public Relations is more crucial than ever in the generative AI and LLMs age. AI-driven search engines no longer just scan social media or reviews, they prioritise authoritative, editorial content.

Read more...
Efficient, future-proof estate security and management
Technews Publishing ElementC Solutions Duxbury Networking Fang Fences & Guards Secutel Technologies OneSpace Technologies DeepAlert SMART Security Solutions Editor's Choice Information Security Security Services & Risk Management Residential Estate (Industry) AI & Data Analytics IoT & Automation
In February this year, SMART Security Solutions travelled to Cape Town to experience the unbelievable experience of a city where potholes are fixed, and traffic lights work; and to host the Cape Town SMART Estate Security Conference 2025.

Read more...
Historic Collaboration cuts ATM Bombings by 30%
Online Intelligence Editor's Choice News & Events Security Services & Risk Management
Project Big-Bang, a collaborative industry-wide task team, has successfully reduced ATM bombings in South Africa by 30,7% during the predetermined measurement period of November, December and January 2024/5.

Read more...
World-first safe K9 training for drug detection
Technews Publishing SMART Security Solutions Editor's Choice News & Events Security Services & Risk Management Government and Parastatal (Industry)
The Braveheart Bio-Dog Academy recently announced the results of its scientific research into training dogs to accurately detect drugs and explosives without harming either the dogs or their handlers.

Read more...
The need for integrated control room displays
Leaderware Editor's Choice Surveillance Training & Education
Display walls provide a coordinated perspective that facilitates the ongoing feel for situations, assists in the coordination of resources to deal with the situation, and facilitates follow up by response personnel.

Read more...
Cyber top business risk as climate change hits record high
Editor's Choice
Globally, companies identify cyberattacks, particularly data breaches, as their primary business concern for the coming year, with business interruption ranked second. In Africa and the Middle East, cyber incidents, shifts in legislation and regulation, and macroeconomic developments are the three foremost business risks.

Read more...
As technology converges, so does cybercrime
Editor's Choice
Cybercrime is no longer siloed: it involves complex collaborations and coordination between different malicious entities, including state actors, organised crime and even drug and human trafficking networks.

Read more...