With online transactions becoming the norm and personal banking details protected by a handful of passwords and authentication processes, consumers must be aware of common scams.
Discovery Bank has urged its clients to stay ‘cyber-safe’ on sales periods such as Black Friday and Cyber Monday, as well as the festive season in general, noting that criminals are out to steal money.
According to the South African Banking Risk Information Centre (SABRIC), the number of non-contact banking fraud cases decreased in the country in 2021 – however, this is no reason to become complacent.
In its most recent annual report for 2021, Sabric stated that there was a significant increase of 45% in gross losses from banking-related frauds, from R310 million in 2020 to R440 million the following year, despite an 18% decrease in reported incidents since 2020, primarily attributable to a decrease in mobile banking fraud incidents.
Nowadays, exploiting the fact that almost everyone banks online has been the main source of income for criminals.
Online banking fraud accounts for the second-highest percentage of gross losses, according to Sabric, although making up a modest proportion of instances of digital crime. The average amount of money stolen from victims was R33,781.
In a fraud alert issued by the bank, Discovery listed the following scams which are currently most prevalent in the country:
- Phishing – when fraudsters send emails that appear to be from reputable businesses, like Discovery, and often promise a reward (such as a Black Friday refund) to get your personal information.
- Smishing – when criminals try to get your information by making you click a link in an SMS to a fake webpage.
- Qishing – a type of phishing that uses QR codes to scam victims. If you click a QR code, always check the website URL you’re directed to.
- MFA fatigue – Multifactor authentication (MFA) fatigue is a method criminals use to flood your authentication app with push notifications in the hope you’ll accept their false authentication, allowing them access to an account or device. Always check that you are authenticating the right push notification.
Banking group FNB warned that the latest scam doing the rounds in the country is the remote access scam, which is being used to gain access to online banking accounts.
“Remote access software is becoming a very popular way for fraudsters to gain access to your banking profile. These are sophisticated software programs that enable fraudsters to remotely take control of your PC over the internet,” FNB said.
Through the scam, fraudsters call customers and offer to help them block a fraudulent transaction by asking them to download and install protective software on their PC.
Once this software is downloaded and installed, the fraudster asks customers to enter their details and log into their banking profile.
If the customer does this, their PC screen will go black, and they will start receiving OTPs to confirm transactions they did not perform. The fraudster then asks for the OTPs so they can block the transactions immediately. Unfortunately, this is instead used to defraud the customer.
Discovery and FNB both warned customers to steer clear of interacting with unknown links and downloading unknown software.
If customers are contacted by purported representatives of the banks asking for them to download or follow links, it is best to end the call and contact customer services.
Banks will never ask you to forward OTPs, or to download software and enter banking details.
“Never disclose sensitive information, such as your username, password, card and PIN details to anyone – not even a bank official,” FNB said.