With a rapidly evolving fraud landscape where fraudsters are leveraging the latest technologies and constantly refining their modus operandi, businesses should always be on guard to avoid falling victim to the latest scams which could potentially see them losing millions while also suffering reputational damage.
Roshan Jelal, head of fraud at FNB Commercial, said that given the advances in technology and the sophisticated nature in which fraudsters operate, fraud detection and prevention have become a standard business practice.
“Therefore, it has become imperative for businesses to constantly keep up to date with the latest fraud scams and trends to avoid being victims. Moreover, most importantly, businesses should invest time, effort, and resources in equipping their employees to detect fraud efficiently and effectively.”
Jelal unpacks ten common scams that businesses should look out for:
- Lost and stolen phone – you will receive an SMS prompting you to click a link to find your phone or activate your “Find My Phone” app, even though you have your phone with you. By clicking the link, this allows fraudsters to gain access to your phone – compromising personal and business data.
- Business Email Compromise – fraudsters use malware (and at times combined with social engineering tactics) to gain unauthorised access to a business email account and change invoice and supplier banking details. Businesses often fall victim to this scam as fraudsters are constantly refining the modus operandi. However, the objective is always to get businesses to pay money over into a fraudulent bank account. Vital that you validate any request to change banking details with a known contact and use contact details you sourced yourself. Use the Account Owner Verification tab on Online Banking.
- Deposit slips/ EFT advice fraud – the objective of this scam is to fraudulently get access to goods being sold without paying for them. For example, fraudsters send fraudulent deposit slips or proof of payment claiming that they have made payment of goods and/or services. Never release goods or services before checking your bank account. Never release goods based on a copy of a deposit slip or copy of an EFT Advice provided – rather contact your bank to validate the deposit.
- Advance-fee scam – this is a form of fraud where someone who claims to be a supplier promises you goods or services but requires an upfront payment. It is advisable to avoid paying any amount upfront unless you are dealing with a reputable supplier or a supplier that has worked with before.
- ATM card swapping – this happens when you accept assistance from strangers at an ATM and then fall victim to the stranger swapping your card with another. If you put in your PIN in front of them, they will then have access to your bank account. Always remain vigilant.
- Tender scams – scammers often impersonate Government departments and fraudulently get access to company data, banking details, goods and services by misleading businesses into believing they have secured a tender/contract. Be wary of unsolicited requests to tender. If you are on the Government supplier database and received a request to quote or to tender it is advisable to contact the department (using contact details, you have sourced yourself) to validate the request. Furthermore, ensure you are aware with how Government procures goods and services. Visit the Government’s tender website for information on the tendering process.
- Remote access – this happens when fraudsters gain access to your device or profile by enabling remote access tools to be installed on your device. It is advisable not to use public WIFI to access your banking App. Also, always cancel or delete access tools installed on your device that you are unaware of.
- Card and PIN Compromise – fraudsters reset your login details and you are conned into approving bank detail changes by disclosing your OTP or smart InContact (for FNB customers). Never approve any smart inContact if you didn’t make any changes on your profile or make a transaction, this is how fraudsters gain access to your banking profile.
- Phishing, Vishing and Smishing – these are common identity fraud scams often carried out by email, voice or text or a combination of all the communication channels. Fraudsters use various methods to get sensitive personal or company data to be used for criminal activities.
- Swim Swap Scams – fraudsters will call you pretending to be from your cellular network provider to gain information about your cell phone number, PIN or PUK details. They then pretend to be you and port your current number to a new service provider, effectively shutting off your phone service and taking control of your number.
“Having adequate security measures in place, keeping up with the latest trends, and investing in regular training, goes a long way to help safeguard businesses against fraud,” said Jelal.