Protect yourself from fraud

Your trust in us is our most valuable asset. This is why your security and that of your personal information are priorities, be it while using our services via the Internet or at an automated teller machine (ATM).
Here we outline the top 10 fraud risks and highlight issues that could affect your personal safety.

Identity theft
Phishing
Card fraud and skimming
ATM fraud
SIM swap fraud
Cheque fraud
Deposit slip scams
Pharming
Money Laundering
419 Nigerian scams/advanced fee fraud


Identity theft

What is Identity theft?

Identity theft is when someone steals your personal information to use for illegal purposes.

Scenario A: Theft.
Stealing wallets and purses containing identity documents, credit and bank cards; stealing mail, including bank and credit card statements.

Scenario B: Rummaging through dustbins (dumpster diving).
Finding information in homes or offices.

Scenario C: Intercepting personal information.
Intercepting personal information shared on the Internet.

Scenario D: Shoulder surfing.
The identity thief simply stands next to you and watches you complete personal information.

How do they use your information?

Fraudsters will use your information to:

  • Open bank accounts: open credit card and bank accounts with other mailing addresses
  • Retail accounts: they open retail accounts like clothing accounts, furniture accounts, etc
  • Obtain loans, vehicle finance.

They will run up huge debts and not repay them. The innocent victim receives a bad credit listing with the credit bureaus. Usually, you will only find your identity has been stolen when you legitimately apply for credit and get turned down.

Do

  • Manage your personal information wisely
  • Destroy personal financial information by tearing, shredding or burning personal and financial information before throwing it away
  • Store personal and financial documentation safely
  • Make it difficult for strangers to access your personal or financial information
  • Keep PIN number safe
  • Pay attention to account cycles
  • Avoid obvious choices like birth dates and first names when selecting passwords.

Don't

  • Carry unnecessary information in your wallet or purse
  • Disclose personal information when asked to do so by email
  • Write down PINs and passwords.
This information was created at an interbank level through South African Banking Risk Information Centre.

Return to the top of the page

Phishing

How the scam works

  • Fraudsters send you unsolicited/un-requested emails
  • Emails are purportedly from your bank
  • Emails request you to click onto a link in the email to update your personal details
  • Once clicked, the link will divert you to a fraudulent or spoof website
  • The information is sent to the fraudsters who defraud you.

Do

  • Type the website address into your Internet browser rather than clicking on a hyperlink in the email
  • Only use secure Internet banking sites
  • Beware of unusually long website addresses
  • Contact your bank immediately if you have compromised confidential information
  • Remember that a bank will never request you to confirm confidential information via email or the Internet.

Don't

  • Click on a URL contained in the body of the email
  • Reply to any of the emails.
This information was created at an interbank level through South African Banking Risk Information Centre.

Return to the top of the page

Card fraud and skimming

Important tips for merchants on how to avoid card fraud

  • Hold the card until the transaction is complete
  • Ensure that the security features are present
  • Compare the cardholder's signature on the card to that on the sales voucher
  • Phone for authorisation if requested to do so by the point of sale device
  • Make an imprint of the card in the case of a manual transaction.

Important tips when using your card

  • Sign your card as soon as you receive it
  • Review your account statements on a timely basis
  • When shopping online, only place orders with your card on a secure website
  • Don't send emails that quote your account number and expiry date
  • Ensure that you get your own card back after every purchase
  • Never write down your PIN or disclose it to anyone
  • Report lost and stolen cards immediately
  • Destroy your credit card receipts before discarding it
  • Never let the card out of your sight.
This information was created at an interbank level through South African Banking Risk Information Centre.

Return to the top of the page

ATM fraud

Do

  • Remain aware of your surroundings without allowing anything or anyone to distract you while doing your ATM banking
  • Approach an ATM only under the right conditions and, for your own security, be alert and conscious of your surroundings
  • Choose a familiar and well-lit ATM where you are more visible and safe
  • Scan the area for suspicious looking characters before you approach the ATM
  • If you think the ATM is faulty cancel the transaction IMMEDIATELY, report the fault to your bank and try another ATM to transact
  • Have your card ready in your hand before you approach the ATM to avoid opening your purse, bag or wallet while in the queue
  • Be cautious of strangers offering to help as they could be trying to distract you in order to get your card or PIN details
  • Follow the instructions on the ATM screen carefully.

Don't

  • Approach security guards for assistance whilst doing banking transactions
  • Never force your card into the slot as it might have been tampered with
  • Use ATMs where the card slot, key pad or screen have been tampered with -it could be an attempt to get hold of your card.

Tips on protecting your PIN

  • Your PIN is your personal key to secure banking and it is crucial to keep it that way
  • Memorise your PIN, never write it down or share it with anyone, not even your spouse or a bank official
  • Don't use an obvious or guessable PIN such as your birth date, and change your PIN as often as you can
  • Don't let anyone stand too close to you whilst at the ATM in order to keep both your card and PIN safe
  • Shield the keypad when entering your PIN to ensure that no one can see it.

Tips on protecting your cash

  • Some fraudsters wait until you've drawn your cash to take advantage. Be wary of people loitering around at the ATM
  • Take your time to complete your transaction and secure your card and your cash in your wallet, handbag or pocket before leaving the ATM
  • Check your balance regularly and report discrepancies IMMEDIATELY.
This information was created at an interbank level through South African Banking Risk Information Centre.

Return to the top of the page

SIM swap fraud

Fraudsters obtain and utilise your replacement SIM card to acquire security messages and one-time passwords (OTP) sent to you by the bank. Using the OTP, criminals are able to change, add beneficiaries and transfer money out of your account using your personal information that they would have obtained through phishing.

How the scam works

  • In order for a sensitive transaction to be completed an OTP is required
  • This is usually sent by SMS or email to your registered cellphone number or email address.
  • The latest modus operandi of fraudsters is to have a SIM swap fraudulently conducted at your cellphone service provider (Cell C, MTN, Virgin Mobile, Vodacom) on your cellphone number.
  • What this means is that the cellphone service provider disables the SIM card in your phone and allocates your cellphone number to the fraudsters
  • When the OTP is sent to your cellphone number, it is the fraudster that receives the OTP and can then make fraudulent payments
  • If you receive an SMS from your cellphone service provider warning that a SIM swap has been conducted on your cellphone number, please contact them immediately.

If the SIM swap is prevented, the fraudsters will not be able to receive your OTP and will not be able to make fraudulent payments.

How to prevent SIM swap fraud

  • Protect your information.
  • Do not disclose your ID number on websites unless you have verified the legitimacy of the site. The bank already knows your ID number and will not require you to give it to us again.
  • Do not disclose your cell number on websites unless you have verified the legitimacy of the site. Phishing sites often request for information such as ID Number, email address and email address password, physical address, etc.
  • Always make sure that your contact details on Internet banking are valid and correct. You know when your details have changed, so when you are ready, you can update the information on Internet banking or at a branch.

What should you do if you suspect a fraudulent SIM swap has been done?

  • Contact your service provider immediately. If the SIM swap can be prevented, they will not be able to receive your OTP
  • Immediately change your Internet banking logon credentials until an investigation into the SIM swap can be completed. The changing of your logon credentials can be done on the Internet banking site and takes a few minutes
  • Contact the Internet banking call centre on 0860 123 000 and report the unauthorised SIM swap.
Return to the top of the page

Cheque fraud
  • Genuine cheques are presented with fraudulent signatures
  • Fraudulent cheques are printed bearing the bank's watermark logo.

Do

  • Complete beneficiary details in full
  • Include your account number when making account payments
  • Use crossings accordingly
  • Familiarise yourself with different banks cheque layouts
  • Use alternative methods of payment such as electronic payments
  • Lock away bank statements and chequebooks
  • Reconcile your cheques against your bank statements.

Don't

  • Use abbreviations as beneficiary details
  • Post cheques
  • Release goods even if a bank cheque is presented, without checking with your bank
  • Cross cash cheques
  • Advertise your banking details.

Look out for

  • Alterations on the text (payee, amount in words and figures)
  • Stamps placed in areas to conceal alterations
  • Cheques issued in black felt-tipped pens
  • Spelling mistakes on the printed areas of the cheque such as drawer's details and bank branch name
  • Tampering on the MICR code line (the black shaded area)
  • Faded cheques as chemicals could have been used to remove the information
  • Typed cheques
  • Shaky signatures as this could indicate that the signature was traced
This information was created at an interbank level through South African Banking Risk Information Centre.

Return to the top of the page

Deposit slip scams

How the scam works

Scenario A

  • You, as a supplier, are approached via telephone or email with an urgent order
  • A deal is structured, usually involving a direct deposit into the your bank account
  • A copy of the stamped bank deposit slip for cash is faxed to you
  • Goods are released to fraudsters
  • A fraudulent cheque is deposited instead of cash and the deposit slip is fraudulently amended
  • The cheque is unpaid due to it being fraudulent
  • Your bank account is debited
  • You are unable to contact the "client" and suffer the loss.

Scenario B

  • You, as a supplier, are approached via telephone or email with an urgent order
  • A copy of a stamped bank deposit slip for cash, for a higher amount than originally agreed upon, is faxed to you
  • The "client" then contacts you and requests that the excess amount be returned electronically transferred into a specified account
  • On the strength of the faxed copy of the deposit slip, you refund the excess amount
  • A fraudulent cheque was deposited instead of cash and the deposit slip was fraudulently amended
  • The cheque is unpaid due to it being fraudulent
  • Your bank account is debited
  • You are unable to contact the "client" and suffer the loss as the funds have already been withdrawn from the fraudsters account.

Scenario C

  • You, as a supplier, are approached via telephone or email with an urgent order
  • A copy of a stamped bank deposit slip for cash, for a higher amount than originally agreed upon, is faxed to you
  • An Internet transfer receipt is fraudulently manipulated to reflect a "transfer" to the your account. The transfer could be for the exact amount of the order as in Scenario A, or for an amount in excess of the agreed amount as in Scenario B
  • The fraudulent Internet receipt is faxed to you
  • The goods are released to the criminals or the "excess" refunded as previously described
  • Your bank account is debited
  • You are unable to contact the "client" and suffer the loss as the funds have already been withdrawn from the fraudsters account.

Scenario D

  • A cheque is deposited to your account without your knowledge
  • A letter on a false letterhead purporting to be that of a well known entity or institution is faxed to you in which it is said that an amount has been paid to your account. The letter provides details of an account to which the "refund" must be made
  • You are sometimes contacted by someone who then confirms the content of the letter, stating that it is important to effect the refund soonest
  • You make the payment
  • The cheque is unpaid, leaving you out of pocket.

Do

  • Contact the entity or institution on a number ascertained from the telephone directory and confirm the request
  • Be cautious of clients who want to "keep their distance"
  • Retain complete records
  • Confirm details of payments with your bank.

Don't

  • Be pressurised due to urgency
  • Relax controls and procedures
  • Proceed if you have any doubts
  • Use the number provided by a caller or provided on a faxed letter.
This information was created at an interbank level through South African Banking Risk Information Centre.

Return to the top of the page

Pharming

How the scam works

  • Pharming occurs when your computer is infected with a virus which attacks the Domain Name Server (DNS) system on the machine
  • Viruses are usually transmitted via emails or downloads
  • When you enter your bank's website address, the virus redirects the user to a fraudulent website, purporting to be that of the bank
  • Confidential user information is compromised and the fraudsters use this to defraud you.

Do

  • Ensure that antivirus software is always up to date
  • Access Internet banking via the route usually used
  • Only use secure Internet sites
  • Beware of unusually long website addresses
  • Contact your bank immediately if you have compromised confidential information.

Don't

  • Access unfamiliar websites.
This information was created at an interbank level through South African Banking Risk Information Centre.

Return to the top of the page

Money Laundering

What is Money Laundering?

Money laundering is the act that changes or disguises the criminal nature or the location of the proceeds of crime.

Do

  • Keep control of your accounts
  • Be mindful when accepting payment for goods
  • Be mindful of the risks of money laundering and make enquiries if there is any doubt about the origin of funds and/or if the transaction appears unusual considering the circumstances.

Don't

  • Allow your account to be used directly by another person to deposit and transfer/withdraw funds from it.
This information was created at an interbank level through South African Banking Risk Information Centre.

Return to the top of the page

419 Nigerian scams/advanced fee fraud

Look out for

  • Perpetrators of 419 Nigerian scams operate by sending you an unsolicited letter, fax or email containing either an illegitimate or illegal proposal
  • Most common letters, faxes and emails promote services and products such as oil products, real estates, distribution of moneys from wills and over budgeted money and lotteries
  • The letter promises that you will benefit substantially for their investment or cooperation.
  • In most instances these letters are purportedly written on behalf of a government department, central bank or major corporation
  • Be very wary of these schemes as they keep up with newsworthy events such as disasters or political circumstances such as the situation in Zimbabwe.

How the scam works

  • You will be requested to pay a fee up front - this could be in the form of an "advanced fee" or a "transfer fee"
  • "Unexpected complications" will arise once you have paid this fee, and you could be requested to pay even more money
  • The letter will stress the urgency of the matter
  • The confidential nature of the transaction is stressed
  • Claims are made that the other parties are employed in, or have strong ties with the government agencies or financial institutions
  • They may insist that you travel within South Africa or to one of its neighbouring countries to meet them
  • A large number of forged, official looking documents are included
  • Blank letterheads, invoices and banking details are requested
  • Additional fees are continuously requested in order to further the transaction
  • Use common sense. If it sounds too good to be true, it probably is!

Do

  • Check the credentials of the person or business, for example with the relevant embassy, to see whether or not the person operates a legitimate business or that the business does exist.

Don't

  • Do not consider travelling to meet the person and discuss the offer. Victims who have been lured to the foreign country have been robbed, held for ransom and even murdered
  • Never pay anything in advance unless you are absolutely sure that goods or services are going to be delivered
  • Never provide the other party with blank letterheads, invoices or your banking details.
This information was created at an interbank level through South African Banking Risk Information Centre.

Return to the top of the page






Disclaimer | Conditions of access | Privacy and security statement | Site specs | Security centre
© 2009 The Standard Bank of South Africa Limited. Authorised financial services provider. Registered credit provider.