Security centre > Scams > Phishing
Internet Café
Phishing Deposit refund scam 419 scam Key loggers

  • We will never ask in an email for information
  • Don't reply to anything suspect
  • Always type in our URL
  • Tell us about suspect emails supposedly from us

  • Don't get caught through phishing
    What is phishing?
    What to look out for (Bogus emails and sites)
    How is it done?
    What we are doing to protect you
    How you can protect yourself
    What you can do if you suspect phishing
    If you've given out your details

    Don't get caught through phishing
    We're all used to getting some pretty strange emails in our inboxes asking us to "click here" or send information about ourselves, or even making promises of great wins.While Internet offers convenient access to services such as shopping and banking, it also holds risks to the security of your personal information and money. One such risk is "phishing", used by criminals in ever–changing ways to ultimately take your money.

    What is phishing?
    Phishing is the act of a fraudster sending emails that claim to be from a recognised organisation, e.g. Standard Bank, to mislead the recipient into revealing sensitive information for use in identity theft. The recipient is told to visit a website where they are asked to enter sensitive information such as passwords, credit card details or bank account numbers. This website is a fake website that has no association with the recognised organization, however closely resembles the recognised organisations website in terms of aesthetics. Once the recipient supplies their details the details are email to the fraudsters. The victim is then redirected to the legitimate website.

    What to look out for
    Here are some examples of recent phishing attempts.

    Latest bogus emails
    Bogus emails archive
    Bogus sites
    Phishing sites often ask for information that Standard Bank would never ask you for or will never request you to update. An example of what the phishing site's request is shown below:

    In addition to recording the logon details above, the phishing website often asks for your personal information:

    How is it done?
    Usually, you will receive an e-mail from the fraudsters that appears to be from us with a link to a site that is very similar to ours. In most cases you would find it very difficult to tell that the site is not ours. The e-mail will ask you to provide your customer selected PIN (CSP) and password, card details, account numbers, ID numbers, OTP cellphone number, e-mail address and e-mail address password.

    Another way criminals use is to send you an e-mail claiming to be from your Internet service provider (ISP) that includes links to their genuine site. Once you are linked to the site a pop-up window appears requesting your credit card information.

    What we are doing to protect you
    We are committed to protecting the confidentiality of your banking details. We are always looking out for sites that pretend to represent Standard Bank or any of our subsidiaries.

    When we find a false website we take measures to close them down as soon as we can. We also do our best to make sure our customers are told of new ways criminals may try get information out of you. On the top-right of this page you will find previous examples of emails they have sent before.

    To make online transacting safer, you should make use of our free security and authentication services. These include
    • One-time password is a unique, compulsory and time-sensitive password used as added security on selected Internet banking transactions. The password will be sent to you by email or SMS and is valid for one Internet banking session. This service is free.
    • My Notification is an SMS service that informs you when profile amendments, new beneficiary additions, amendments to existing beneficiaries and once-off payments are carried out on Internet banking.
    • Payment confirmation is a message that informs both you and the person or company you are paying that a transfer or payment has been successfully completed.
    • We offer you free McAfee Antivirus software when you register for our Internet banking service.
    How you can protect yourself
    Never give your personal details to anyone without making sure that they are who they say they are. A Standard Bank representative will never ask you for personal or banking information in an email.

    You should view emails and pop-up windows asking for your personal information with the same amount of suspicion you would the person behind you in an ATM queue.
    • Treat emails that appear to be from us asking for personal details with suspicion
    • Never reply to their email or get into a conversation with them
    • Never provide your personal details, for example, your PIN or account details by email
    • Do not follow any links in emails to reach our Internet banking website. Always enter our website address ( to connect to our Internet banking site.
    What you can do if you suspect phishing
    Let us know if you are not sure about an email or website saying it Standard Bank's.

    Please forward the email to [email protected] and we'll investigate.

    Do not respond to that email. We will get back to you in a few hours after we've investigated it.

    By sending it to us you may help us close down an illegal site and help save others from falling victim to these criminals.

    If you've given out your details
    Call us immediately on 0800 020 600 or +27 11 299 4114 if you think you have in one way or another given your banking details to a criminal. This line is open 24 hours a day.


        Branch locator | Site specs | Fica requirements | Disclaimer | Conditions of access | Privacy and security statement