These are the most common banking scams in South Africa – what to look out for

 ·21 Oct 2022

New data from the South African Banking Risk Information Centre (Sabric) shows a decrease in the number of reported incidents of non-contact banking fraud.

In its latest annual report for 2021, Sabric said that despite an 18% decrease in reported incidents since 2020 – mainly attributed to a reduction in mobile banking fraud incidents – there was a significant increase of 45% in gross losses, from R310 million in 2020 to R440 million the following year.

Criminals have been using social engineering techniques to their advantage and are going beyond the well-known phishing scam to other prominent methods.

Such methods include the compromising of an employee’s business email, email hacking in general, phishing and smashing scams – these have all appeared more often in the banking fraud space.

The biggest draw of money for cybercriminals has been abusing the fact that close to everyone now banks online.

Sabric said that despite online banking fraud making up a small portion of incidents of digital crime, it amounts to the second-highest portion of gross losses. On average, the amount of money defrauded from people was around R33,781.

Sabric noted the following types of scams and modus operandi:


In the case of fishing, scamsters phone a victim, impersonate a bank official or service provide and use social engineering skills to manipulate the victim into disclosing confidential information that is in turn used to scam them, said Sabric.


A scammer sends an email to a prospective victim, encouraging them to click a link in the email that then directs them to a fake website designed to look like a legitimate bank website.

Sabric said that victims are then prompted to verify or update contact details or sensitive financial information. In some cases, according to Sabric, the scammer asks for access to OTPs or RVNs required to complete the fraudulent transaction.

SIM swapping

SIM swapping has emerged as a popular method that criminals can defraud a victim with criminals intercepting transaction verification tokens. When compared to the year before, SIM swaps increased by a margin of 63%.

Through an unsuspecting bank client’s mobile service provider, the criminal diverts things such as one-time pins (OTPs) and random verification numbers (RVNs) to them and subsequently accesses funds or validates transactions.


Smishing is similar to the traditional phishing scheme however is conducted over the mobile phone. When people are using mobile banking channels – fraudsters try and take advantage.

Instead of sending an email like in a phishing scheme, they send a text message to a potential victim requesting them to call a number or click on a link which then tricks them into revealing their confidential banking information, said Sabric.

In light of such scams, Sabric urges bank customers to treat requests for personal and confidential information with suspicion and use their discretion when sharing this kind of information, should it be requested, said Sabric.

Read: October tax deadline warning – what you need to know

Show comments
Subscribe to our daily newsletter