Fraudsters posing as Microsoft representatives contact the victim, informing them of a supposed security threat for which they have to do a software security update or similar intervention.

Scams to be aware of

  • ABSA Rewards scam

    Fraudulent emails are being sent to our clients claiming that they should redeem their Absa Rewards of a specific value. Please delete these emails without taking any other action as it is a phishing scam. (Do not download any attachments)

    Example of the Absa Rewards Phishing Email

    Absa Rewards Scam
  • Microsoft refund scam

    Fraudsters posing as Microsoft representatives contact the victim, informing them of a supposed security threat for which they have to do a software security update or similar intervention.

    They persuade the victim to purchase the software online. The victim gives them access to control the victim’s computer and download the software.

    The victim then pays for the software. Later, the fraudsters phone back and tell the victim that the license has been revoked or the company closed down and they want to do a refund. They ask the victim to log onto online banking and as soon as the victim enters all credentials (PIN and password), the screen goes blank.

    The fraudsters then perform transactions on the victim’s account and the victim, unknowingly, confirms the sure check SMS.

    In 2013, Microsoft South Africa posted a message on Face Book warning users of fraudsters posing as representatives of Microsoft. They urged users to hang up the minute they received such a call and not to respond to any communications from these scammers.
    Users should never provide personal information, such as credit card or bank details, over the telephone and never install anything, visit any web sites or follow any other instruction given by a stranger on the phone.

    If you suspect that you have been scammed, immediately change the password, scan your computer with a safety scanner and contact your bank.

  • Twin SIM scam

    Be aware and pay special attention to all messages received from your Network Service Provider regarding Twin SIM functionality.

    Please notify our Fraud Hotline immediately at 0860 557 557

    Do not switch off your phone

    Take note of any logon notifications when you are not logging on to Absa Online yourself.

  • Scams that look like eStatements

    An email scam is doing the rounds requesting customers to "FICA" their accounts. Fraudulent emails looking like eStatements are doing the rounds, and this is the latest version of the scam.

    Never open an attachment if you are not certain about its origin. Absa's eStatements are normally .emc files, whereas with this phishing email it would be an HTML file.

    Another way of knowing whether an email is from Absa, is that our cover letters always have a security check and addresses the client by name, not as "Dear Valued Customer".

    Below are examples of these scams.

    Scams that look like eStatements
    Scams that look like eStatements
    Scams that look like eStatements
  • Porting your number

    Watch out for this cellphone scam that enables fraudsters to port your number and gain access to your accounts.

    With the latest scam, fraudsters port the victim’s number from one cellphone provider to another. Some cellphone service providers sends SMSes for the account holder to confirm that they are transferring to another service provider. When these confirmation messages are ignored, the porting goes through and the fraudsters have access to the victim’s cellphone messages, including the approval SMSes that the bank sends to customers. If they have already tricked you into giving them your personal and account details, they can transfer money from your account without you knowing.

    Always keep your cellphone switched on and don’t ignore messages from your service provider.

    Below is an example of a scam.

     

    Scam - Porting your number
    Scam - Porting your number
    Scam - Porting your number
    Scam - Porting your number
    Scam - Porting your number
  • SIM Swaps

    With the latest spike in SIM swap fraud, make sure you take all the precautions you can to avoid becoming a victim

    SIM swapping


    A fraudster is able to perform an illegitimate SIM swap with your Cell phone Service provider by for example carrying a false copy of your identity document (read more about identity theft). This allows the fraudster full use of your cell phone account and to receive messages intended for you. They will also receive the confidential banking notifications and approval SMSes that the bank sends to customers. If they have already tricked you to give them your personal and account details, they can transfer money from your account without you knowing.

    You should:

    • Protect your personal, bank account and cellphone account information – also when you’re online.
    • Immediately investigate when you notice that you are not receiving calls and messages.
    • Keep your phone switched on – otherwise you will not notice when your SIM card has been swapped.
    • Register for NotifyMe so that you stay informed of all transactions on your account.

     

    If Absa becomes aware of a SIM swap, a temporary hold is placed on your account for 36 hours to allow you to authenticate yourself and advise us if the SIM swap was legitimate.
    If the SIM swap was legitimate, you can wait out the 36 hours or authenticate yourself by calling our Contact Centre. Once you have been verified as the actual Absa customer, the hold will be lifted.

    Also take note of the latest porting scam.

  • SARS refund scam warning

    The South African Revenue Service (SARS) has warned taxpayers to be wary of an email scam using the SARS logo to defraud people.

    The fraudulent emails state that the recipient is eligible for a refund, and that they require personal information – such as bank account details – in order to issue the refund.

    The email content has varied – some containing links that opened a false website where the recipient is required to enter their personal details. Others required a return email with these details included.

    SARS has advised taxpayers not to open emails from unknown sources, and not to provide information to anyone posing as SARS: “SARS will not request your banking details over the phone, or via email or websites,” spokesperson Marika Miller said.

     

  • How to recognise a phishing scam

    Don’t be caught out! Find out what you need to look out for to avoid becoming a victim of phishing scams. This video explains what Phishing is, how it is done and how not to fall prey

    Don’t be caught out! Find out what you need to look out for to avoid becoming a victim of phishing scams

    A really well-compiled phishing scam can leave even an experienced banker wondering whether or not the link is legitimate – and it is becoming more and more difficult to ensure that you don’t fall victim to these scams. Often, the pages that you click through to are so realistic; it is easy to be fooled into thinking you are on the right website if you aren’t hyper-vigilant.

    There are some recurring themes that you can look out for when you receive an email, including:

    Terrible Grammar

    In a "Pending Payment" scam, the opening line said “there is to inform you” while a "Treat as Priority" scam asked to “please follow this instructions”.

    Strange Email addresses / Unknown email addresses

    Sometimes you may receive an email from someone claiming to have sent the email on behalf of Absa which actually comes from an address like metissci@hosting.wicsot.com. Sometimes the address may seem legitimate, but if you hold your mouse cursor over the email address, you will be able to see where it actually comes from.

    A request to click on a link in an email

    We will never ask you to click on a link in an email to confirm any details or information. Anything that says "sign on", "download", "login", "reactivate your account" or "click here" should be avoided.

    Never reply to a spam email

    This only confirms that your email address is active, and will spur the fraudsters on to send you even more spam.

    There may be a number of things to watch out for, but ultimately we need to be hyper-vigilant and treat most of the emails that we receive with suspicion in order to remain safe and avoid becoming the victim of fraud.

  • Phishing Scams

    Some criminals will go to amazing lengths to steal your money – but the more aware you are, the less likely it will be that you will fall prey to internet or email phishing scams.

    Internet and email fraud


    While the internet can make life very convenient with services such as online banking and shopping, there is always the underlying security risk that criminals will abuse the internet to gain access to your personal information – such as banking details – and use this to steal your money.

    Be aware of phishing scams


    Fraudsters often send out emails claiming to be from Absa (or other reputable organisations) – commonly known as ‘phishing’ - many of which look very authentic as they make use of the Absa logo and corporate colours to convince you that the email is legitimate.


    Often, the content of the email makes reference to your account being suspended, and the only way you can stop this suspension is to click on the link supplied and update your personal details. Although this link does not link to the real Absa website, these websites are usually designed to look exactly like the Absa site, and it becomes difficult to differentiate between this site and the real site.

    Delayed phishing attacks


    In some cases, fraudsters may obtain your access credentials long before any attempt is made to defraud your account. It is very important to change your banking logon information such as your PIN and password regularly to prevent delayed phishing attacks.


    Steps to avoid being a victim of phishing attacks


    Although we have a number of security measures in place to protect you, your awareness is the key to avoid being a victim of phishing attacks, so bear the following in mind when you receive an email claiming to be from Absa:

    • Never reply to these emails, and don’t click on any links
    • Never provide your personal details such as your PIN or account details via email or on any links within these emails. We already have information like your ID number, cell number and email address and will never ask for them via email.
    • Never navigate to our site using a link from an email – always type in the address (www.absa.co.za).
    • If you receive eStatements – read this info to make sure that you are opening a legitimate statement.
    • Delete spam emails immediately. Even a request to remove your email address from the mailing list will confirm to the fraudsters that your email account is active, and could open you up to more attacks.
    • Never open an email attachment unless you know who sent the message.
    • Use the latest browsers which come with filters that alert you when you visit a website that contains potentially unsafe website.
    • Absa will never send you a letter or e-mail requesting you to complete your personal details by clicking on a link in an e-mail.

     

    Below are examples of a phishing scam

     

    Phishing Scams
    Phishing Scams
    Phishing Scams
    Phishing Scams
    Phishing Scams
    Phishing Scams
    Phishing Scams
    Phishing Scams
    Phishing Scams
    Phishing Scams
    Phishing Scams
    Phishing Scams
    Phishing Scams
  • Latest Cellphone Banking Scam

    Watch out for this cellphone scam that enables fraudsters to conduct a SIM swop and gain access to your accounts

    Fraudsters will stop at nothing to gain access to your hard-earned money – and this Cellphone Banking scam is particularly scary because it enables them to personally receive your Random Verification Numbers and transfer money out of your account without you even being aware of it.

    Essentially what happens is:
    • You will receive an SMS from your “bank” stating that there is a problem with your account, and a consultant will be in contact with you shortly
    • A few minutes thereafter you will receive a call, and the consultant will ask you to confirm some details, and ask you for additional information such as your account number, the type of phone you use, and recent dialed numbers
    • They then perform a SIM swop at your cellphone provider which enables them to receive all your banking alerts – allowing them to transfer money to themselves


    Once you become aware of the fact that your cellphone is not working, the money will have been removed from your account.

  • Vishing Scams

    Phone based phishing scams that try to catch you off-guard - voice phishing

    We are all very aware of phishing - and think twice before we click on any links in emails that could compromise our personal information. Unfortunately, fraudsters have very innovative ways of getting to your money - and Vishing is one of these ways.

    As opposed to the normal phishing procedure where you sent an email that requests you to click through to a page (that often looks exactly like the logon page of your bank but is under a fake URL), Vishing requires you to phone a telephone number to update your details or to avoid having your account closed.

    When you phone the number, an automated recording (or a real person) will take your call (using the name of the company concerned) and ask you to verify your information for security purposes. Often this includes your account number and your identity number. Alternatively, they call you directly posing as a consultant from the bank - and ask you the same questions. Once they have the information, they often put you on hold while they attempt to access your account and your money.

    As a rule of thumb: don’t click on that link and don’t call that phone number. If you are concerned and would like to speak to your bank, contact them via the usual channels. Phone the call centre using a verified number. Type in their website address directly - don’t click on URLs.

     

Need more help?

Let one of our consultants assist you.

Call our security centre on:

Fraud Hotline:

0860 557  557

3D Secure Call Centre:

+27 (0) 11 354 4058

Report phishing e-mails:

secmon@absa.co.za