What is phishing?
Phishing is a form of email fraud, where an attacker tries to trick you into providing personal information, such as your PIN, password, passcode and transaction verification or card CVV number, by pretending to be a trustworthy source. An example of this is when a criminal sends out emails with images and information of an established company, such as a bank, to fool recipients into clicking on a link and providing login details. These details are then used to access your personal account for fraudulent transferring of funds.
Hackers who send phishing emails are usually trying to accomplish one of three things:
- Get you to click on a link to a malicious website.
- Get you to open a malicious attachment that contains malware.
- Get you to provide sensitive information, such as your account password.
Absa will never send you an email with a link or attachment that will redirect you to what looks like a log in page, requesting your username and password, and at times your smartphone and Banking App passcode.
Knowing the warning signs will assist you to detect a phishing attack.
Even if an email appears to be coming from a reputable source, never open it. An email address could be spoofed, so carefully review it to be sure that it corresponds with the sender's usual email address.
Check for grammar and spelling mistakes.
Check all URLs
Always check all URLs (web addresses) to ensure that the message you've received is indeed from where it claims to be and without any spelling errors.
Too good to be true
Does the email promise something that is too good to be true, such as a payout/reward/to win a competition that you never entered?
Urgent call to action or threats
Does the email threaten severe repercussions if you don't take action, such as losing access to your account, losing money or other valuables, or losing access to services?
Know the rules
No institution, especially a bank, will ever ask you to provide secret information – such as your login details – in writing (by email or via another channel).
Any of the above warning signs should cause serious concern and very careful consideration before clicking on any links contained in the message.
Although we have a number of security measures in place to protect you, your awareness is the key to avoid being a victim of phishing attacks, so bear the following in mind when you receive an email claiming to be from Absa:
- Absa will never send you an email with a link or attachment that will redirect you to what looks like a login page, requesting your username and password, and at times your smartphone and Banking App passcodes.
- Never login to your bank’s website through a link in an email, even if the email appears to have come from your bank. Type the web address into your browser yourself.
- Encrypt – When you are on a secure banking website, a locked padlock symbol will appear in your browser window. This means that you are in a secure environment to bank or make online payments.
- Never download remote access software or give anyone access to your desktop, laptop or mobile phone.
If you think that your banking profile might have been compromised, contact us immediately.
- Call the Absa Fraud Hotline directly via the Banking App by using the Click to call functionality or call 0860 557 557 or +27 (0)11 501 5089 to report the suspicious activity.
- Send the suspicious email as an attachment to Secmon@absa.africa
Suspicious transaction deleted – Please be aware of the latest scam where the fraudster pretends to be an Absa staff member. The fraudster tries to cause panic by stating that a suspicious IP address tried to login to your internet banking, and due the this, your service had been suspended. The fraudster then directs you to a fraudulent link to restore your sevice.
NB: Absa would never send you an email requesting you to click on a link.
Frequently asked questions
Hackers or fraudsters who send phishing emails are trying to accomplish one of the following:
- Get you to open malicious attachments that contain malware (a dangerous software or type of computer virus).
- Get you to provide sensitive information such as your PIN or password.
Hackers will steal your identity and gain access to your accounts or your company’s data.
Absa will NEVER ask you for your PIN, password or passcode, transaction verification or card CVV number.