• Phishing scams

    Be aware of phishing scams

    Fraudsters often send out emails claiming to be from Absa (or other reputable organisations) — commonly known as 'phishing' — many of which look very authentic as they make use of the Absa logo and corporate colours to convince you that the email is legitimate.

    Often, the email makes reference to your account being suspended, and the only way you can stop this suspension is to click on the link supplied and update your personal details. Although this link does not link to the real Absa website, these websites are usually designed to look exactly like the Absa site, and it becomes difficult to differentiate between this site and the real site.


    Be aware of this latest scam

    In this phishing email, you are required to open the HTML attachment, which will take you to a Verification Request page:


    The following page then requires you to enter your access account number, PIN and your full password.

     

  • Vishing scams

    Vishing scams

    Vishing is a combination of 'voice' and 'phishing'. As with phishing scams, the fraudsters use social engineering to gather confidential information, such as your ID number, banking details and the login details to your internet banking or cellphone banking. This is done either via your cellphone or your landline.

    The fraudster will pretend to be a bank representative or other authoritative person that needs your information to solve a problem or to prevent your account from being closed. Once they have the information, they will defraud you before you realise that you have been scammed.

    You should never trust any caller asking for personal information.

     

    This is how vishing fraudsters usually operate: 
     

    • Fraudsters will phone you, posing as a bank representative
    • They will try to manipulate you into disclosing confidential information
    • The fraudsters will also ask you to call them back, in order to verify that you are indeed speaking to a legitimate person
    • Once you call back, you will be redirected to a call centre at your bank
    • The fraudsters will then call you back and the information you provided can be used to scam you
     

     

  • Other scams

    Be aware of phishing scams

    Fraudsters often send out emails claiming to be from Absa (or other reputable organisations) — commonly known as 'phishing' — many of which look very authentic as they make use of the Absa logo and corporate colours to convince you that the email is legitimate.

    Often, the email makes reference to your account being suspended, and the only way you can stop this suspension is to click on the link supplied and update your personal details. Although this link does not link to the real Absa website, these websites are usually designed to look exactly like the Absa site, and it becomes difficult to differentiate between this site and the real site.

     

    Delayed phishing attacks

    In some cases, fraudsters may obtain your access credentials long before any attempt is made to defraud your account. It is very important to change your banking logon information such as your PIN and password regularly to prevent delayed phishing attacks.

    Be aware of this scam

    Absa SureCheck Profile App — Upgrade

    In this phishing email, you are required to open the HTML attachment, which will take you to what looks like the Absa Online logon page. You will be required to enter your access account number and your PIN.

    From there, you are taken to the next screen where you have to enter your password, followed by your cellphone number.

    You will then be taken to a screen where you are requested to accept the SureCheck.

    This is a real-time phishing scam and you will be defrauded there and then.

    Remember:

    ·      Always double check the ‘From/Sender address’ on the email you receive

    ·      Absa will never address you as Dear Client/Customer, but always by your name

    ·      Absa will never ask you to click on a link or open an attachment in an email in order for you to enter your banking credentials

    ·      We will never ask you to enter your entire password on our secure website; you will only be asked to enter three (3) random characters of your password

    Forward all suspicious looking emails to secmon@absa.co.za

    .

    .

    Pending payment notice

    "An electronic payment has been made to your account.
    Please complete attached with your preferred funding method and you will be credited upon verification."

    The site that you are sent to, looks almost identical to the Absa Online login page. But you can tell it is a scam site, because the URL (web address) doesn’t start with 'https'. The 's' indicates that it is a secure website.

    Remember:

    Absa will never send you an email asking you to click on a link and enter your banking credentials.

    When you receive a suspicious email:

    ·      Do not click on any of the links in the email

    ·      Do not open any attachments in the email

    ·      Forward the email to secmon@absa.co.za 

    ·      Delete the email after you forward it

    .

    Incomplete process

    In this latest scam, you receive an email titled “Incomplete Process: Uncleared”.

    The message implies that a deposit into your account was interrupted because you first have to confirm your banking details.

    If you click on the link, you land on what looks like the AOL login page where you are asked to enter your account number and PIN.

    From there you are taken to where you have to enter your password — just like you would on AOL.

    This page becomes inactive and you then receive a SureCheck.

    Thinking that the SureCheck is needed to take you to the next page, you approve the SureCheck and by then you have been scammed. This is a real-time phishing scam.

    Remember:

    Absa will never send you an email asking you to click on a link and enter your banking credentials.

    When you receive a suspicious email:

    ·      Do not click on any of the links in the email

    ·      Do not open any attachments in the email

    ·      Forward the email to secmon@absa.co.za

    Delete the email after you forward it

    .

    Your Absa Account is Due for FICA

    Fraudsters are currently sending 'FICA requests' to customers. The emails look like they have come from Absa and are designed to get you enter your login details, in order for you to renew your FICA details.

    This is a 'phishing' scam whereby a request appears to come from a legitimate organisation and asks you for your login or account details.

    Absa will Never send you a FICA request via email. If you ever receive such a request:

    • Do not click on any of the links in the email
    • Do not open any attachments in the email
    • Forward the email to secmon@absa.co.za
    • Delete the email after you forward it

     

     

    Should your FICA details need updating you will get a notification pop-up when you logon to your account.

     

  • SIM scam

    SIM swapping

    If a fraudster has a false copy of your identity document, they can perform an illegitimate SIM swap with your cellphone service provider. The fraudster now has full use of your cellphone account and will receive messages intended for you. They will also receive the confidential banking notifications and approval SMSs that the bank sends to customers.

    If they have already tricked you to give them your personal and account details, they can transfer money from your account without you knowing. If Absa becomes aware of a SIM swap, a temporary hold is placed on your account to allow you to authenticate yourself.
    If the SIM swap was legitimate, you can wait out the 36 hours or authenticate yourself by calling our Contact Centre. Once you have been verified as the actual Absa customer, the hold will be lifted.

    Porting

    Watch out for this cellphone scam that enables fraudsters to port your number and gain access to your accounts.

    Fraudsters port the victim’s number from one cellphone service provider to another. Some cellphone service providers send SMSs for the account holder to confirm that they are transferring to another service provider. When these confirmation messages are ignored, the porting goes through and the fraudsters have access to the victim’s cellphone messages, including the approval SMSs that the bank sends to customers.

    If they have already tricked you into giving them your personal and account details, they can transfer money from your account without you knowing. Always keep your cellphone switched on and don’t ignore messages from your service provider.

    Twin SIM

    Be aware and pay special attention to all messages received from your network service provider regarding Twin SIM functionality. Please notify our Fraud Hotline immediately at 0860 557 557

    Do not switch off your phone. Take note of any logon notifications when you are not logging on to Absa Online yourself

  • Card skimming

    Card skimming

    Card skimming occurs while you are making a payment or withdrawal (at a restaurant, garage, ATM or retailer). The criminal either has direct access to your card (to process the payment) or the device is attached to the slot of the ATM. All Absa ATMs have Jitter technology that makes your card shudder slightly when you insert it into an ATM as an added safety feature.

    This is in place so that if a card skimming device is present, it will only capture scrambled data. Card skimming devices are generally smaller than a deck of cards, and are hand-held (often fitting snugly into the palm of the hand); which is why people are not aware of what is happening until they are defrauded at a later stage.

    What can you do to avoid being scammed?

    Always keep an eye on your card when making a transaction; and scrutinise your bank statements to ensure that you spot and report irregular transactions that may occur on your account.

    What should you do if your card is skimmed?

    If your card has been skimmed, you need to contact your bank immediately and ensure that your card is blocked. This will ensure that the criminals can’t do any more transactions using your account details. The bank may ask you to:

    • Change your PIN
    • Cancel the card (and issue you a new one)
    • Ask you to sign an affidavit or provide additional information (depending on the circumstances surrounding the skimming)
    Will I be reimbursed?

    Depending on your bank or the means used to remove the funds from your account, your bank may reimburse you. Each case is individually assessed and circumstances of the loss are considered to determine if any claims will be refunded.

    If a 'fraudulent' transaction has taken place where your card is used together with your PIN, the transaction is usually identified as authentic, and you will not be reimbursed. Never keep your PIN number and card together; rather memorise your PIN.

  • 419 scams

    419 scams

    If you receive an email with an offer that seems too good to refuse, it probably is a 419 scam.

    We have all received those badly-spelled, lengthy emails that tell you in detail how you have won the lotto; or that they will give you large sums of money in return for helping them; all they need are your bank details or some cash. It may sound like an opportunity you can’t miss — but be wary of offers like these.

    What is a 419 scam?

    A 419 scam usually consists of a letter, email, SMS or fax that tells the intended victim that they will receive a large sum of money due to something like winning the lottery, a job offer, a joint venture or an inheritance. The sender then requests your bank account information so that they could transfer the money into your account, with the additional request that you send money to “help the transfer along”. Many people send thousands before they realise that they have been taken in by a scam.

    What does a 419 scam look like?

    If you receive an SMS or email, and you are not sure if it is a 419 scam, there are some markers that you can look out for:

    • There are large amounts of money promised, usually in dollars or pounds, for your help
    • The letters are usually sent by someone claiming to be on a high level of authority (a prince, lawyer, bank official, doctor, or government official)
    • There is often emotional bribery involved, with an illness or a death being mentioned as motivation to help
    • You will generally be asked to communicate by email
    • Authenticity is often boosted by the presence of attachments such as tax clearance certificates
    • They are generally full of grammar and spelling mistakes; and if they contain links to websites, these are generally also full of spelling mistakes and non-standard language (such as using all capital letters)

    I have received a 419 scam email — what do I do with it?

    Firstly, do not reply. These emails are sent out in bulk to a number of email addresses in the hope that someone falls for the scam. You can then either forward the email to the South African Police Services, or delete them.

Need more help?

Let one of our consultants assist you.

Call our Security Centre on:

Fraud Hotline:

0860 557  557

+27 (0) 11 501 5089

Email:

fraud@absa.co.za

3D Secure Call Centre:

+27 (0) 11 354 4058

Report phishing emails:

secmon@absa.co.za