The new way scammers are picking their targets in South Africa

 ·11 Aug 2024

South Africa has experienced a significant increase in fraudulent activity over the past year – with scammers hunting for victims on social media, where people are loose with their personal information.

Not only does this allow them the better create a profile of their victims and exploit specific information, it may also give them access to facial and audio data on social media users that they can use in more complex scams and fraud.

According to the Southern African Fraud Prevention Service (SAFPS) 2024 fraud statistics, there has been a 32% increase in reported fraud incidents in the previous year.

Banking fraud contributed to 45% of these incidents, followed by the microfinance sector at 19% and retail at 14%.

Victims of impersonation fraud increased by 54%, with Momentum Insure Head of Claims and Claims Support, Funeka Ngewu, confirming that the group has seen similar spikes in fraud among its clients.

Ngewu said the insurer has “seen a marked rise in policyholders deceived by fraudsters into sharing their policy information by posing as insurance employees and even brokers”.

Ngewu said the country’s fraud landscape has risen to alarming levels, with the list of ways to fall victim to scams being seemingly endless.

Scammers are identifying potential targets through their social media posts, and in this way are able to gather a wealth of information on them, from where they shop to where they work. This is why it’s so important to keep social media profiles private and secure,” the group noted.

This is a key form of social engineering, where scammers try to get hold of user information to fool them into thinking they (the scammers) are officials.

Most people have heard of more popular social engineering attacks like spoofing and phishing that are used to coerce people into sharing OTP pins and internet banking login information.

Now, vishing has also become a popular scamming technique among cybercriminals.

Preying on the elderly in most cases, fraudsters will contact their intended victims over the phone, pretending to be from their bank and alerting them to fraud taking place on their account that requires the victim’s immediate action.

In this way, scammers are able to get OTP pins and banking details directly from the account holder.

Multiple warnings – pay heed

South Africa’s major banks have been escalating warnings to customers over the past few weeks and months, urging them to watch out for these scamming techniques amid the increased frequency of attacks.

Criminals are especially active at this time as it is South Africa’s tax season, and banking customers and taxpayers are more susceptible to falling victim, as they are actively looking for communication from SARS and their banks relating to tax returns and the like.

Standard Bank was the latest to flag fishing scams – echoing Momentum’s analysis that older South Africans are at risk.

Scammers are targeting older people who are approaching retirement or have recently received their cash payouts in particular, the bank said.

These scammers propose ‘high-return’ investment opportunities and persuade victims to transfer funds into fictitious investment accounts with false promises.

In another tactic, fraudsters attempt to create panic by falsely claiming that the victim’s bank account is at risk, urging them to move their money to a different account for ‘safekeeping’.

Standard Bank’s Head of Digital and E-commerce, Dr Belinda Rathogwa, said that banking customers need to be vigilant so they do not fall for such scams.

“A bank will never call to ask you to move your money to an account that you do not know about. If you are going to invest your hard-earned money, verify the details of the investment company that you are dealing with. Check that they are registered with the Financial Services Conduct Authority (FSCA),” she said.

In July, Nedbank warned of other new scams emerging in the country – where fraudsters are posing as well-known companies, including airlines and streaming services, offering fake discounts if you download an app.

Scammers are also getting more technologically advanced, and having access to your face (via photos posted online) or voice (via platforms like TikTok) could open new doors for them to take advantage of your social profiles.

In May, the Big Four bank warned that cybercriminals only need a short clip of someone’s voice to create realistic-sounding voice messages claiming to be them.

If scammers can get recordings of your facial data, they can also create deepfake videos that promote a “great investment opportunities” through AI.

“They’ll add screenshots of fake bank pay-outs and testimonials to make them look more credible. They can post these videos on your hacked accounts or DM them to your friends, family and social media followers, urging them to invest and receive high returns,” said Nedbank.

“If the people targeted from your contact list accept the deepfake as real, they’ll have no reason to doubt that you’re sharing something that worked for you.”


Read: Standard Bank warning for banking customers in South Africa

Show comments
Subscribe to our daily newsletter