Know when you are targeted! Cybercrime comes in many different methods, and the best way to protect your money and your identity is to take precaution and know what to look out for. Below are types of scams known to mislead and defraud customers.

  • Phishing scam

    What is Phishing?

    Phishing is one of the most common forms of social engineering. Chances are you have already seen quite a few phishing emails, and you might not even know it.

    Some phishing emails are easy to spot – like the ones claiming to be from the Prince of Nigeria who needs your help laundering millions of dollars. Others – like emails that claim to be from your bank or someone you work with – are much harder to detect.

    These days, spam – or unsolicited email – makes up over 70 percent of all email traffic. Most spam email gets caught and filtered before we even see it. Phishing emails, however, make it to our inbox much more often because attackers take more time to carefully create emails that look authentic. Hackers who send phishing emails are usually trying to accomplish one of three things:

    • Getting you to click on a link to malicious websites
    • Getting you to open a malicious attachment that contains malware, or
    • Getting you to provide sensitive information, like your PIN and password

    These are all methods that hackers can use to take control of your information, steal your identity, or gain access to your company’s networks, systems, applications and data. Falling for a phishing attack is handing over your keys to the safe.

    Remember, Absa will not request your PIN, password, passcode, and transaction verification or card CVV number. Always ‘#ProtectYourKeysToTheSafe’ and report any suspicious activity to the Absa Fraud Hotline immediately via the mobile banking App by using the ‘click to call’ functionality or simply call 0860 557 557 or +2711 501 5089.

    "IMPORTANT: Please report the Phishing email / suspicious content received, as an attachment to Secmon@absa.co.za

    Examples of Phishing Scams

    Proof of epayment: Please be aware of the latest Phishing Scam – Electronic deposit notice. The email states that funds had been posted to your account and upon your confirmation, by clicking a link (Phishing Link), you would be credited with the funds.

    Absa Rewards Transaction:  Please be aware of the latest Phishing Scam which states - Absa Rewards Payment e-Certificate Successfully Approved. The email entices you with a large sum of money and in order to verify the transaction, you would need to click on a link (Phishing Link) and follow the instructions.

    Remember: Fraudsters are always finding new and innovative ways to defraud a person. Protect yourself by remaining vigilant and never share your “keys to the safe” (card and online PIN, online password and card CVV number).

    Please be aware of the phishing scam titled: Payment made by SASSA LP to your account still uncleared. The phishing email states that the recipient has an uncleared payment from SASSA and in order to clear and access the funds, the recipient is directed to a link (phishing site) which they would need to logon to.

    Always remember:

    • Never share your “keys to the safe” (that is your card and online PIN, online password and or card CVV number).
    • When you logon to Absa Online (AOL), you will be required to complete the missing characters of your password. The missing characters always follow a random sequence each time you logon. Remember that Absa will never ask for the full password.
    • Always access Absa Online using the Absa website address. Never click on hyperlinks or attachments to access Absa Online.
    • If your logon process seems unfamiliar, close the browser immediately as this could be a fraudulent website.
    • Never approve transactions if you’re not transacting yourself. Absa will never call you to approve transactions. Read your verification messages in full.
    • To report fraud or suspicious activity, call us from our Banking App or 0860557557.

     

    Remember, Absa will not request your PIN, password, passcode, and transaction verification or card CVV number. Always ‘#ProtectYourKeysToTheSafe’ and report any suspicious activity to the Absa Fraud Hotline immediately via the mobile banking App by using the ‘click to call’ functionality or simply call 0860 557 557 or +2711 501 5089.

     


    COVID-19 Exclusive Relief Notice Payment: Please be aware of latest scam offering customers payment reliefs due to COVID-19. 
    The phishing site asks for the following credentials:

    • Access account number
    • PIN
    • User number
    • Full password
    • APP passcode
    • ATM PIN
    • Card number
    • Card Expiry Date
    • Card CVV.

    Remember, Absa will not request your PIN, password, passcode, and transaction verification or card CVV number. Always ‘#ProtectYourKeysToTheSafe’ and report any suspicious activity to the Absa Fraud Hotline immediately via the mobile banking App by using the ‘click to call’ functionality or simply call 0860 557 557 or +2711 501 5089.


    Request for images of ID and debit/credit card (both sides): 
    Please be aware of any email requesting images of your ID or bank cards. Fraudsters are emailing customers, requesting this information under the pretext that it is a requirement due to the new financial regulation of keeping data updated. Absa would not send you an email requesting pictures/images of your debit or credit cards or any confidential information. Should you receive an email requesting such information, consider it fraud and report it immediately to our Absa Fraud Hotline.

    mail


    Email Compromise:
    The latest Fraud trend involves fraudsters intercepting customer emails. Once breached, the fraudster either changes the banking details, listing themselves as beneficiaries, or adds a phishing attachment, prompting customers to DOWNLOAD and provide certain details in order to remove restrictions or to activate their account. The fraudster also changes the content of the email to mislead the customer into believing that their account had been suspended or certain restrictions had been placed on the account. Fraudsters have now taken it a step further by impersonating Absa employees and providing authentic Absa employee details (Signatures, Logo’s and contact details).


    Redeem your Absa Cash Rewards: 
    Fraudsters are constantly finding new and advanced ways to try and defraud unsuspecting customers. Their latest fraud trend involves placing their phishing links in pdf documents. We encourage you to be cautious of opening pdf documents including HTML attachments and links in any suspicious emails as these remain popular phishing methods.

    Ibanking Alert
     


    Important Customer Notice

     


    Important Message From Absa
     


    Online Service Update
     


    Virus Internet Banking Notification
     


    You Have a New Private Message
     


    Your New Absa Estatement
     

  • Vishing scam

    What is Vishing?

    Vishing is a telephonic fraud tactic that works similar to Phishing. The fraudster would contact you telephonically, pretending to be a bank representative or other authoritative person, who requires information such as your ID number, banking details and login credentials to your online banking profile, in order to solve a problem or prevent your account from being closed. Vishing is difficult to trace especially now that fraudsters can mask their numbers, leading a victim to believe that the call is from a legitimate source or by diverting their number to a legitimate number. Clients can protect themselves by always being vigilant and never sharing their PIN, password, passcode, and transaction verification or card CVV number with anyone.

     

    Vishing Tips

    • Be conscious of the fact that fraudsters are masking their telephone numbers in order to manipulate a client into believing that the call is from their bank or authorized personnel
    • Be aware that fraudsters are diverting their telephone number to the banks fraud hotline and requesting clients to call back on their number to verify that it is the banks fraud department. DONOT call the number displayed on your phone screen and call the Absa Fraud Hotline directly via the mobile banking App by using the ‘click to call’ functionality or call 0860 557 557 or +2711 501 5089 to report the suspicious activity
    • Be suspicious of any caller who asks for login information and passwords over the phone. Absa will not request your PIN, password, passcode, and transaction verification or card CVV number.
    •  Never share personal and confidential information with anyone over the phone.
    • If you receive a phone call requesting confidential or personal information, do not respond and end the call immediately.
    • If you receive an OTP on your phone without having transacted yourself, be alert that the fraudster has used your personal information to make purchases online. DONOT provide the OTP telephonically to anybody. Contact the bank immediately to report fraud.
    • Be alert if you lose mobile connectivity under circumstances where you are usually connected, contact your service provider immediately to verify if you have been SIM swapped or number ported. Banks use your cellphone number to verify your identity and for you to verify high risk transactions. If you are a victim of SIM Swap or Number Porting Fraud, call our Fraud Hotline on 0860 557 557 or +2711 501 5089 promptly to have your online banking service suspended
     

     

  • SMiShing scam

    As a digitally-led bank, we aim to safe-guard you, as a valued customer against fraud. 

    SMiShing, or SMS Phishing, occurs when a fraudster sends a text message to an individual's cellphone in an attempt to get them to divulge personal or sensitive information. Similar to Phishing or Vishing, a SMiShing attack usually requires the victim to respond by clicking on the link provided, in order to either update their security, or to unlock their account. The SMiShing URL gets shortened using bit.ly URL in certain cases and are sent to multiple recipients using different cellphone numbers.

    The SMiShing link requests the following information:

    • Account Number
    • Pin
    • Full Password and
    • Cellphone Number

    Please do not click on these links and divulge any personal information. Below are examples of these SMS’s.

    Example of SMiShing scams:
     
  • SIM scam

    SIM swapping

    If a fraudster has a false copy of your identity document, they can perform an illegitimate SIM swap with your cellphone service provider. The fraudster now has full use of your cellphone account and will receive messages intended for you. They will also receive the confidential banking notifications and approval SMSs that the bank sends to customers.

    If they have already tricked you to give them your personal and account details, they can transfer money from your account without you knowing. If Absa becomes aware of a SIM swap, a temporary hold is placed on your account to allow you to authenticate yourself.
    If the SIM swap was legitimate, you can wait out the 36 hours or authenticate yourself by calling our Contact Centre. Once you have been verified as the actual Absa customer, the hold will be lifted.

    Porting

    Watch out for this cellphone scam that enables fraudsters to port your number and gain access to your accounts.

    Fraudsters port the victim’s number from one cellphone service provider to another. Some cellphone service providers send SMSs for the account holder to confirm that they are transferring to another service provider. When these confirmation messages are ignored, the porting goes through and the fraudsters have access to the victim’s cellphone messages, including the approval SMSs that the bank sends to customers.

    If they have already tricked you into giving them your personal and account details, they can transfer money from your account without you knowing. Always keep your cellphone switched on and don’t ignore messages from your service provider.

    Twin SIM

    Be aware and pay special attention to all messages received from your network service provider regarding Twin SIM functionality. Please notify our Fraud Hotline immediately at 0860 557 557

    Do not switch off your phone. Take note of any logon notifications when you are not logging on to Absa Online yourself

  • Card skimming

    Card skimming

    Card skimming occurs while you are making a payment or withdrawal (at a restaurant, garage, ATM or retailer). The criminal either has direct access to your card (to process the payment) or the device is attached to the slot of the ATM. All Absa ATMs have Jitter technology that makes your card shudder slightly when you insert it into an ATM as an added safety feature.

    This is in place so that if a card skimming device is present, it will only capture scrambled data. Card skimming devices are generally smaller than a deck of cards, and are hand-held (often fitting snugly into the palm of the hand); which is why people are not aware of what is happening until they are defrauded at a later stage.

    What can you do to avoid being scammed?

    Always keep an eye on your card when making a transaction; and scrutinise your bank statements to ensure that you spot and report irregular transactions that may occur on your account.

    What should you do if your card is skimmed?

    If your card has been skimmed, you need to contact your bank immediately and ensure that your card is blocked. This will ensure that the criminals can’t do any more transactions using your account details. The bank may ask you to:

    • Change your PIN
    • Cancel the card (and issue you a new one)
    • Ask you to sign an affidavit or provide additional information (depending on the circumstances surrounding the skimming)
    Will I be reimbursed?

    Depending on your bank or the means used to remove the funds from your account, your bank may reimburse you. Each case is individually assessed and circumstances of the loss are considered to determine if any claims will be refunded.

    If a 'fraudulent' transaction has taken place where your card is used together with your PIN, the transaction is usually identified as authentic, and you will not be reimbursed. Never keep your PIN number and card together; rather memorise your PIN.

  • 419 scams

    419 scams

    If you receive an email with an offer that seems too good to refuse, it probably is a 419 scam.

    We have all received those badly-spelled, lengthy emails that tell you in detail how you have won the lotto; or that they will give you large sums of money in return for helping them; all they need are your bank details or some cash. It may sound like an opportunity you can’t miss — but be wary of offers like these.

    What is a 419 scam?

    A 419 scam usually consists of a letter, email, SMS or fax that tells the intended victim that they will receive a large sum of money due to something like winning the lottery, a job offer, a joint venture or an inheritance. The sender then requests your bank account information so that they could transfer the money into your account, with the additional request that you send money to “help the transfer along”. Many people send thousands before they realise that they have been taken in by a scam.

    What does a 419 scam look like?

    If you receive an SMS or email, and you are not sure if it is a 419 scam, there are some markers that you can look out for:

    • There are large amounts of money promised, usually in dollars or pounds, for your help
    • The letters are usually sent by someone claiming to be on a high level of authority (a prince, lawyer, bank official, doctor, or government official)
    • There is often emotional bribery involved, with an illness or a death being mentioned as motivation to help
    • You will generally be asked to communicate by email
    • Authenticity is often boosted by the presence of attachments such as tax clearance certificates
    • They are generally full of grammar and spelling mistakes; and if they contain links to websites, these are generally also full of spelling mistakes and non-standard language (such as using all capital letters)

    I have received a 419 scam email — what do I do with it?

    Firstly, do not reply. These emails are sent out in bulk to a number of email addresses in the hope that someone falls for the scam. You can then either forward the email to the South African Police Services, or delete them.

Need more help?

Let one of our consultants assist you.

Call our Security Centre on:

Fraud Hotline:

0860 557  557

+27 (0) 11 501 5089

3D Secure Call Centre:

+27 (0) 11 354 4058

Report phishing emails:

secmon@absa.co.za