Saturday, November 23African Digital Business Magazine

Remain vigilant in the face of increased banking scams urges the SAFPS

The end of the year is fast approaching, and with it, the festive season and general anticipation for that hard-earned vacation that many South Africans work so hard for during the year.

While this is a time of good cheer and increased shopping activity to prepare for the December break, it is also a busy time for scammers who want to take advantage of this activity.

Many South Africans have recently contacted a popular Johannesburg radio station reporting increased attempts at banking fraud, with scammers sometimes becoming increasingly aggressive and convincing.

“This is not uncommon,” warns Roy Retief, Head of Operations at the Southern African Fraud Prevention Service (SAFPS). Scammers generally tend to be more active during periods of increased consumer activity. It is essential to know how to spot a scam and what measures you have available to prevent you from becoming a victim,” says Retief.

Impersonation fraud

When it comes to banking scams, scammers constantly devise new methods to use on their victims; however, the most common scams follow a set formula.

“Impersonation fraud is rife when it comes to banking scams,” warns Retief. Scammers will often contact potential victims, posing as bank representatives. Armed with a lot of information about their potential victims, scammers will ask them to confirm banking details or other sensitive information such as ID numbers. “In line with the gravitation towards online banking, many scammers will phone their potential victim, posing as a bank representative, [EK1] and tell them they need to perform an important action on their online banking profile. Scammers are often tech-savvy and can remotely access a victim’s compromised mobile device, triggering a technical issue to create a sense of urgency or panic; the victim then feels they need to follow the prompts from the scammer to secure their device. Armed with this, scammers can cause significant damage,” warns Retief.

A new modus operandi involves scammers calling potential victims and asking them to move money into a safer or higher-interest-bearing account. “Victims will unknowingly be moving money from their account into the scammer’s account,” says Retief.

A common scourge

Nerosha Maseti, Lead Ombudsman for the banking Division of the National Financial Ombud Scheme (NFO), points out that complaints related to banking scams have been and continue to be the biggest contributors to formal complaints opened at the NFO’s banking division.

“In 2023, of the 8521 formal cases which were opened at the Ombudsman for Banking Services for the year (being the predecessor to the banking division of the NFO), 3380 or 43.47% were categorised as fraud,” says Maseti. She adds that the complaints are prevalent across the industry. In the context of a changing global banking landscape, where branch networks are shrinking, volumes of digital payments are increasing, and payments are being processed in seconds, fraudsters are creatively finding new ways to steal from banks and their customers across the banking industry. “Banks globally and within our jurisdictions are seeing an increasing trend in scams. Fraudsters are manipulating and coercing customers into making payments to them, bypassing bank controls,” warns Maseti.

She points out that, when investigating such complaints, our investigation will typically involve ascertaining whether there was wrongdoing or negligence on the part of the bank that caused the customer’s losses or contributed to them. If, after our investigation, we find that the bank could have prevented or mitigated the customer’s losses but failed to do so, we have the power to recommend to the bank involved to refund the portion of the customer’s losses that could have been prevented but for the bank’s negligence.

“It is important to note, however, that our starting point when dealing with such complaints is that the bank customer is liable for all transactions they do voluntarily or that take place using that customer’s confidential banking access details. Liability only shifts to the bank once fraud or compromise of the confidential access details has been reported to the bank. Only then will the bank be expected to take immediate steps to prevent the customer’s losses. We can only make a recommendation where we find that there has been unfair treatment, negligence, non-compliance or maladministration on the part of a bank,” says Maseti.

Tips on how to prevent being scammed

It is important that consumers remain vigilant and aware that they are ultimately responsible for any transactions that take place on their accounts, no matter how convincing the scammer is.

There are essential factors to consider:

  • Ignore any SMS or email notification that asks you to follow a link and provide your username and password;
  • Do not store any banking credentials on your smartphone;
  • Do not let your browser (Safari, Chrome and others) save your banking passwords;
  • Ensure that your banking credentials are unique and not used to log in to any other websites, email accounts or apps;
  • When selling your phone, ensure all your details are removed, your Banking App is uninstalled and delinked from your banking profile, and the phone is reset to factory settings;
  • Never leave your smartphone unattended when you are logged in;
  • Use two-factor authentication whenever possible to increase the security of your login;
  • Do not jailbreak (your iPhone), use pirated software, or compromise the security of the software on your device, as this could easily lead to attackers spying on you without your knowledge;
  • Install a reputable anti-malware solution on your device to detect and block signs of malicious activity. Remember to keep the software updated to ensure maximum effectiveness;
  • Do not access your banking app in busy public places or whilst outside venues waiting for e-haling services, where it is easy for a criminal to snatch your mobile device whilst your banking app is unlocked; and
  • Do not access your banking app or perform sensitive financial transactions whilst connected to unsecured public wi-fi networks.

A major tool

How do we combat this? Retief points out that the SAFPS launched Yima in response to the growing need for a proactive approach to fraud prevention.

“Yima allows South Africans to report scams, [RR2] and scan any website for vulnerabilities related to scams. They can also educate themselves on how to identify a scam. These tools will enable consumers to surf the internet, access key products such as online banking and money transfers more confidently and make their daily lives aware and informed. These are just some exciting elements South Africans can access through the site,” says Retief.

The website’s main element will be the ability to report a scam incident or any suspicious activity to the SAFPS. This suspicious activity includes a fake or suspect-looking online shopping website or portal, and instances where the user has received phoney banking information. Users can also access a scam hotline to report fraud incidents to their banks and the South African Police Service.

Additionally, Yima users will have access to the consumer products and services offered by the SAFPS.

Protective Registration

Protective Registration is one of the SAFPS’ most essential services and is the core of its offering.

Protective Registration is a service that protects individuals against future fraud, at no cost to the consumer. Consumers apply for this service, and the SAFPS alerts its members to take additional care when handling that individual’s details. It provides an added layer of protection and peace of mind regardless of whether the applicant’s identity has been compromised.

“If a member of the public wants to become proactive in the fight against fraud, the SAFPS is there to serve them. Visit our website at www.safps.org.za. Then, click on the Apply for Protective Registration tab and protect yourself against identity theft. For best results, use your smartphone to go to our website. Once you have uploaded key pieces of information, you will be issued with a confirmation letter via e-mail, adding another layer of protection against potential ID fraud,” says Retief.