Tyes of scams
Phishing is a type of deception through email, in which scammers send emails to individuals and claim to be a trustworthy organisation, such as a bank or an email service provider.
The email will try to trick you into supplying account details for various reasons, such as the need to update or validate your account details, asking you to click on a link or icon included in the email. Once clicked, the link will launch a fake website that appears to be a real website. On the website, you will be asked to share your personal bank account details, such as the username or password of your online banking profile or email account, or even your mobile phone number and bank card details. Any information you share on the fake website will be captured by scammers and then used to deceive you.
How to identify a phishing scam
There is always a sense of urgency in the email, followed by a threat — freezing of your bank account, for instance — and you are asked to respond rapidly. This gives you little time to think about the matter at hand and talk with persons whom you trust.
The email says that you have fallen prey to a scam or that you have received money, and that you should log into your accounts “here” to report the incident and cancel your bank card, or give authorisation to release the money.
You are asked to state your personal and account details via a hyperlink, attachment or icon supplied in the email.
A vishing scam is a common telephone technique to try to gain access to your personal and account details using a mobile phone call.
You will receive an unverified SMS, stating that a manager of Standard Bank will contact you shortly to update or verify your account details and personal information. The scammers will contact you by phone asking you to update or verify your information. You thank them and supply them with all the information they need to access your bank account. Remember, Standard Bank will never ask for your banking details, password, PIN or One-Time Password (OTP) by phone.
How to identify a vishing scam
There is a sense of urgency in the telephone call, followed by a threat: your account will be frozen if you do not state or verify the required information immediately. This gives you little time to think about the matter at hand and talk with persons whom you trust.
You are asked to update, verify or confirm your personal account details, such as your bank account number, PIN and/or password, by phone.
A smishing scam is an attempt to access your personal and confidential information via SMS.
You will receive an SMS purportedly from a well-known organisation, such as Standard Bank, asking you to call a toll-free phone number. When you call the toll-free number, you will be answered by a fake automated voice response system that will ask you for sensitive details, such as your account number, password and PIN. Once the required information has been given, the scammers have access to the details and may use the information as they please. Remember, Standard Bank will never ask for your banking details, password, PIN or OTP by phone.
Smishing scams are becoming increasingly common and more dangerous, due to the increased popularity of mobile banking. Nowadays, people use their smartphones for virtually everything, including online banking, so there is a lot of sensitive information at risk if the telephone is exposed to fraudulent behaviour.
How to identify a smishing scam
There is a sense of urgency followed by a threat — if you do not update or verify your information now, your account will be frozen — and you are encouraged to respond rapidly. This gives you little time to think about the matter at hand or talk with persons whom you trust.
The SMS asks you to call a toll-free number.
You are asked to update, verify or confirm your personal account details, such as your bank account number, PIN and/or password, by phone.
A fake website claims to be the legitimate website of a certain organisation, and is designed to imitate the original website.
Generally speaking, fake websites have logos similar to those of the original organisation they are imitating, and, in some cases, may even by identical. Typically, the purpose of a fake website is to associate a scam with a reputed institution, and is designed to validate other scams, such as 419 or phishing scams.
How to identify a fake website scam
You are asked to click on a hyperlink, attachment or icon included in the email that is sent to you directing you to the fake website, instead of typing the URL directly in the browser.
You are asked to disclose personal or account details on the website to which you were directed through the email that you received.
The fake website, accessed via the hyperlink supplied in the email, does not have any of the addresses of Standard Bank’s official website or URLs that you usually use to access information or to access online banking.
Identity theft is the theft of personal information — ID card, passport, driving licence, receipts, municipal bills and bank statements — to be used for illegal and fraudulent purposes. The details may be obtained by stealing your wallet or purse, which may contain your ID card or credit card, as well as an email containing bank and credit card statements. Scammers are also known to comb through wastebins looking for private documents containing personal information, and may even intercept confidential emails. Be vigilant when filling your personal information in a form, so that anyone who physically observes you and sees the keys that you press when you insert your personal and banking information does not have access to this sensitive information.
How to protect yourself against identity theft
- Manage your personal information wisely. Store personal and financial documents in a safe place.
- Destroy personal financial information by tearing, shredding or burning it before disposal.
- Monitor your bank statement cycles so that you know when to expect your statement, as well as when it does not arrive.
- Não not carry unnecessary information in your wallet or purse.
- Crie strong PINs and Passwords: do not use obvious choices such as dates of birth and given names, and keep the PINs and passwords in a safe place.
- Never disclose personal information by email or phone.
- What to do if you fall prey to an identity scam
- If your ID card or driving licence is stolen, contact Standard Bank’s 24/7 Customer Helpline immediately: 800 412 412. Report any suspicious activity or transaction immediately.
- Manage your personal information wisely. Store personal and financial documents in a safe place.
- Destroy personal financial information by tearing, shredding or burning it before disposal.
- Monitor your bank statement cycles so that you know when to expect your statement, as well as when it does not arrive.
- Do not carry unnecessary information in your wallet or purse.
- Create strong PINs and passwords: do not use obvious choices such as dates of birth and given names, and keep the PINs and passwords in a safe place.
- Never disclose personal information by email or phone.
- What to do if you fall prey to an identity scam
- If your ID card or driving licence is stolen, contact Standard Bank’s 24/7 Customer Helpline immediately: 800 412 412. Report any suspicious activity or transaction immediately.
The dating and romance scam typically uses the emotional and compassionate side of an individual to try to steal money.
Scammers create fake profiles on legitimate dating websites or social media platforms to find new persons and then lure them into their scams. They will invite you to be their friend or chat with them online, and they excel in sharing personal information to build trust and create a relationship with you. Once they have established the desired connection, they may try to convince you to give them money or disclose sensitive information, either to help them through a personal crisis or for you to pay for their travel expenses so that they may, allegedly, visit you. Once you send them the money, you will very likely never hear from them again.
How to identify a dating and romance scam
- You receive a notification to accept as a friend or an invitation from someone that you neither recognise nor know;
- You have only chatted with this person via a dating website or a social media platform;
- You have never met them personally, only chatted online, and you are asked to make an advance payment or disclose sensitive details;
- You note inconsistencies in the communication sent to you;
- They have an exceptional job — they work in the army or the air force — and need you to help them financially.
The holiday scam seeks to exploit potential tourists by advertising fake ideal holiday packages, accommodation or timeshare offers on the internet or through professional classified advertisements or apparently legitimate websites.
You notice a website or you are sent an email advertising an amazing holiday package. The offer is valid for a couple of hours only, so time is short, and you buy the accommodation package through the website, which you believe to be genuine, using your credit card details. The purchase goes through, but you never receive the package you have paid for. The website and the offer are fake. Holiday scammers have access not only to your money, but also to your bank account details, which they may use for fraudulent purposes.
How to identify a holiday scam:
- .
- You see the accommodation offer on a website that you do not recognise or the special offer is sent to you in a unsolicited email;
- the URL begins with “http” and not “https”;
- The is a sense of urgency in the holiday offer: you have only two hours before it ends, or there are only two packages available. This does not give you much time to think about the matter at hand or talk with persons whom you trust;
- You are encouraged to disclose personal information rapidly online;
- In the email that you receive, you are asked to click on the hyperlink, attachment or icon to view and pay for the holiday package;
- You are unable to contact a reputed travel agency to confirm the holiday package. The contact details include foreign telephone numbers or the property owner/manager does not respond to emails.
The deposit and refund scam seeks to steal goods and services from a business without actually making any payment due.
Scammers will order goods and services from your company, supposedly making the payment to your account. This is done chiefly through fraudulent or stolen cheques. A fake proof of payment is then sent to you and your company hands over the goods to the perpetrator. It is found out later that the cheque is fraudulent and no money was transferred to your company’s account. In other cases, the scammer may cancel the order and request an urgent refund.
Alternatively, scammers may also deposit a fraudulent cheque in your account, only to contact you later to say that they deposited money in your account “in error”. The person calling you will ask for an immediate refund and that you send him/her proof of payment.
How to identify a deposit and refund scam
- You are asked to make a refund to an individual urgently after he/she cancels the order, or a payment is made “in error”.
- You are asked to make a refund to an individual urgently before you have time to check with Standard Bank whether the deposit was made in your account and whether it is really valid.
- You do not know the person who requests the refund.
- You are not sure whether payment is made by deposit of a cheque or not.
- You are unable to call the person who requests the refund on a certain number to confirm the request.
Change of Banking details Scam
The change of banking details scam seeks to steal money by supplying fake information about a change of banking details.
You receive an email, letter or fax supposedly from a well-known supplier. The communication informs you of a change in its bank account details and asks you to update your records accordingly. These “new” bank account details are, however, fake. Your monthly payment is, thus, made to the scammer and not to the supplier as originally intended. Always pay attention to details concerning any change of account. If you receive a request, before changing anything, confirm first with the respective supplier, with a contact person that you trust, in writing or by phone.
How to identify a change of banking details scam
- The request that you receive to alter your supplier’s bank account details does not come from your usual contact person or point of contact at the supplier.
- The request to alter banking details is not made through official correspondence or using the contact details in your database.
The keylogger scam is a software or hardware programme that records and logs each key pressed on a certain computer. The keylogger helps scammers to save and gain access to confidential information.
When the keylogger scam is implemented, scammers may access key insertion details by means of a file on the respective computer, or they may send the details anonymously by email. The keylogger records each key pressed on the computer, including personal and confidential details such as passwords, PINs and usernames. This private information may then be used for fraudulent activities.
Keylogger scammers frequently target internet cafés due to the convenience of the computer terminals and their anonymity. The scammers insert the spyware in the computers, recording all the keys pressed on the various keyboards. Keyloggers record all the information and actions executed on the computers, including private login details of online banking profiles, email account profiles, Facebook profiles, etc., and then forward the details recorded to scammers in general, enabling them to log in and access the respective profiles.
How to identify a keylogger scam
- Keyloggers may be hidden an email attachment, installed in a memory card or be installed via malicious apps or websites. Stay alert when anyone whom you do not trust uses your computer for any reason whatsoever.
- Always be attentive to modifications in hardware or software.
- Be careful when using internet cafés. Do not disclose confidential information on an unknown public computer.
- You receive an unknown email containing unknown attachments and hyperlinks. Do not open any emails, attachments or hyperlinks from unknown sources.
The 419 scam, or advance-fee scam, is a type of advance payment or money transfer scam.
You receive an email, fax or letter containing an offer promising large sums of money (resulting from an inheritance, a lottery prize, etc.). To access the funds, you are asked to pay an advance fee. Various reasons are given for the advance fee, including exchange control charges, customs duties and bank charges. Although the exact details of a 419 scam may vary, large sums of money are usually involved. Essentially, when you make the advance payment, scammers receive all they want from you and may cease all communication. Needless to say, the transaction promised will never take place.
419 scammers are also known for creating fake websites in attempting to validate the 419 scam in mind. Besides the email, you may be given login details for fake websites that appear to be Standard Bank’s online banking. The fake webpage will show that your bank balance is full. They hope that if you see a large bank balance, you will be more likely to fall prey to a 419 scam.
How to identify a 419 scam
- Out of the blue, you receive an amazing promise of large sums of money (usually millions of dollars or pounds) for little or no effort on your part.
- You have no idea where this offered money comes from.
- You are asked to advance money, such as a processing or management fee, to access the money.
- There is generally a sense of urgency, followed by emotional bribery (someone has died or is ill), prompting you to answer rapidly. This gives you little time to think about the matter at hand or talk with persons whom you trust.
- You do not know the persons who sent the communication, although they affirm that have a post of authority in a trustworthy organisation.
- You are asked to supply your personal and account details via a hyperlink, attachment or icon supplied in the email.
Online Shopping enables consumers to buy goods and services directly from vendors through the internet. Although buying online has many advantages — convenience, speed and vast choice — buying online has also its pitfalls. Like anything you do online, whenever you need to supply personal details, such your email address, telephone number and bank card information, you should stay alert and attentive to online scams and fraudulent activities common in the online world.
In spite of the benefits of online shopping being considerable (convenience, a lot of information and customer reviews and vast choice, among many others), it is imperative to stay alert when using online shopping platforms, because online scams are one of the most prevalent forms of cybercrime. Click here to learn more about online scams.
How to avoid online Scams
- Make sure that the company is reputed;
- Make sure that the company is reputed: buy goods and services online only from companies that you know and trust. If you are unsure about an organisation, do some research on it.
- Make sure that the website is safe.
- Make sure that the website is safe: look for security symbols such as a complete key or lock and that the URL begins with “https” and not “http”, which means that no one, except yourself and the merchant, may see your payment information.
- Register yourself in Standard Bank’s Safe Internet Shopping Service:
- Register yourself in Standard Bank’s Safe Internet Shopping Service: this is an additional security feature made available by MasterCard and Visa that requires that you record the password with the card company; no one else may use your card without this password.
- Read the retailer’s privacy policy:
- Read the retailer’s privacy policy: make sure that the online retailer has an acceptable and visible privacy policy published on its website. If the retailer does not explicitly state that it will not share information with third parties without your knowledge or consent, do not disclose your private details.
- Keep track of your transactions:
- Keep track of your transactions: store and print confirmations of all your online purchases. Verify your bank statements regularly and report any suspicious activity to Standard Bank immediately.
- Never pay for goods or services by email:
- Never pay for goods or services by email: it is unsafe to pay by email. Never send payment information, such as card details and the CVV number, by email.
- Never disclose any confidential information:
- Never disclose any confidential information: do not tell any password or PIN to the merchant. This information is only for you to use and know.
- *Avoid using public computers: do not use public computers (e.g. internet cafés) for personal banking online, including online shopping, because they may contain spyware.
- Avoid using public computers:
- Avoid using public computers: do not use public computers (e.g. internet cafés) for personal banking and online, including online shopping, because they may contain spyware.
A cheque scam uses illegal, fraudulent cheques, which appear to be real, in what appears to be a legitimate business transaction. It is imperative that the person who receives any payment by cheque waits until the cheque is unfrozen before releasing any goods or services paid by cheque.
How to protect yourself against cheque scams
- Always keep your chequebook, cancelled cheques and statements in a safe place.
- Do not sign blank cheques.
- Report any lost or stolen cheques and chequebooks to Standard Bank immediately.
- Verify your cheque statements each month and perform a reconciliation.
- Always collect your new chequebook in person.
- Provide Standard Bank with updated signatures of the persons authorised to sign cheques drawn on your account.
When completing your cheques
- Always complete all the beneficiary’s details.
- Include your account details when making account payments.
- Use crossings appropriately.
- Familiarise yourself with the cheque design of different banks.
- Write clearly with an indelible ink pen; this will make it difficult to alter your cheque.
- Write the full name of the beneficiary correctly. Avoid using abbreviations.
- Do not make any corrections or changes. It is better to cancel and complete another cheque.
- Never leave large spaces between words and draw a line across any unused space to make sure that nothing can be added to the cheque.
- Always remember to sign your cheque correctly and clearly.
When receiving cheques
- Only accept cheques from persons whom you know and trust.
- Look for any modifications to the beneficiary and the amount written in full and in figures.
- Make sure that there are no stamps on areas that may hide modifications.
- Do not accept cheques written with black felt-tip pens.
- Look for spelling errors in printed areas, such as the drawer’s details and the branch name.
- Be attentive to any tampering with the MICR code line (the black-shaded area).
- Look for faded cheques, because chemical products may have been used to remove information.
- Be careful with typed cheques.
- Do not accept unsigned cheques.
- Be careful with cheques with unstable and unclear signatures; this may indicate that the signature has been traced.
- Make sure that the same pen, as well as the same handwriting, has been used on all the cheque.
In a SIM swap scam, fraudsters swap the SIM without your knowledge, thus enabling them to intercept phone calls, SMSs and messages.
Typically, the SIM swap takes place after the scammers receive your login details as a result of your response, for instance, to a phishing email. When the scammers gain access to your mobile phone number and other personal information, they may impersonate you and ask your mobile service provider for a new SIM card. They will then have access to your phone calls and SMSs, including the OTP SMS facility, as well as any other notifications that they may use to obtain any fraudulent benefit.
How to identify a SIM swap scam
- You suddenly cease to receive phone calls or messages on your mobile phone.
- You do not receive the OTP that you have requested, even after trying for a second time.
- Suddenly, your mobile phone has no network access in an area in which it usually does.