Fraudsters use SIM card swaps and number porting to commit fraud. Once they have your cellphone number, you no longer receive calls or SMS, and your phone has no signal. The fraudsters pose as you to intercept calls and get your banking notifications.

How it works

• They call your service provider pretending to be you and ask for your cellphone number to be transferred to a new SIM card. Or they ask for your number to be ported to another service provider.
• They present a stolen or fraudulent ID and answer security questions posed by the service provider as if they are you.
• They then call you repeatedly so you turn your phone off in anger. This gives them time to do a SIM swap or port your number without you knowing.

Tips

1. Protect your personal information and be careful who you share it with.
2. If you get an SMS for a SIM swap or number port you didn’t request, or seem to lose cellphone connectivity for a long time without reason, call your service provider and let us know immediately on 0800 110 929.
3. Inform us as soon as you change your cellphone number. Your bank notifications go to the cellphone number loaded on our system.
4. Check your bank statements regularly and query any unauthorised transactions.
5. Contact your service provider if you notice anything suspicious.

• Cell C: 084 140
• MTN: 123 stop (123 7867)
• Telkom: 081180
• Virgin Mobile: 0741 000 123
• Vodacom: 082 1946

This is a form of phishing that targets businesses by sending emails to finance departments impersonating a Chief Executive or Chief Financial Officer to trick employees into making an urgent payment. The employees make the payment and the fraudsters get away with the money.

Financial institutions and businesses are the primary targets of these scams, which take a lot of planning to be successful.

How it works

• Fraudsters determine who in an organisation is able to make large payments, then source their contact details and any other information they can use to make the request seem more legitimate.
• They make use of social engineering to gather information. They trawl through social media sites and may even contact employees to gather information.
• They may even get a copy of the email template and signature used by the targeted executive to make the request seem more legitimate.
• The fraudsters then draft an email from the executive requesting a payment be made into an external account. They forward the mail to the targeted employee, hoping that payment will be made.
• They rely on employees never questioning or verifying an instruction from an executive. We often don’t take the time to look at the format, layout, grammar and punctuation in emails, we quickly scan through them before we act.

Tips

1. Make sure the email address on the email received is correct and matches the email address on your business system. Fraudsters will make small changes, like adding a full stop or changing a letter, hoping you won’t notice.
2. If you get an email that seems strange or out of the ordinary, contact the sender and confirm that the email came from them. Do not click on links in a suspicious email, as you might unknowingly download malware onto your computer.
3. Be careful what information you share on social media. Fraudsters use social media to gather information on their targets.

Fraudsters send fake emails that look like they come from your bank or an IT company.

These emails have attachments containing malicious software, which is downloaded onto your device when you click on the attachment.

Once your device is infected with the malware, fraudsters gain access to everything stored on it and monitor your keyboard and record whatever you type. This includes your Online Banking sign-in credentials.

How it works

• You’re sent a fake proof of payment or bank statement, and click on an attachment in the email.
• Someone calls you from an IT company, offering to help you download fake security software.
• You’re prompted to authorise an action to execute, install or upgrade software.

Tips

1. Don’t authorise an action to execute, install or upgrade software.
2. Do not open attachments or click on links from unknown sources.
3. Beware of any attachments that end in .exe, .cab, .htm or .jar. These attachments often contain malicious software.
4. Hover your mouse over hyperlinks to see the actual URL. On mobile devices, long-press the hyperlink to see the URL.
5. Make sure you have the latest antivirus software installed on all your devices.
6. Install the latest updates or patches to your operating system as soon as they are available.
7. Scrutinise your bank statements frequently. If you see unfamiliar transactions, notify us immediately on 0800 110 929.
8. If you receive a suspicious email, forward it to phishing@nedbank.co.za
9. Get more information on antivirus packages at av-comparatives.org, which frequently tests leading antivirus software.

Fraudsters collect email usernames and passwords for email accounts. Once they access your account, they read all your emails, access your contacts and send emails pretending to be you.

They may even send you emails from people you have a financial relationship with, telling you that their banking details have changed so that you pay money into accounts they have access to.

How do fraudsters get your email details? 

• You may be tricked into clicking on a link in an SMS or email, that says you’re running out of storage space and if you do not validate your credentials your emails will be deleted.
• Your computer may be infected with malware that allows fraudsters to monitor your keyboard or search for saved passwords.
• You may have registered on a website with the same credentials as your email account, and this website was hacked.

What to do if your email account has been compromised

1. Have the device you accessed the email address from checked for malicious software and disinfected by a specialist.
2. Change your email password immediately on a different, trusted computer.
   
3. Use 2-factor authentication to protect your email account, like an SMS notification sent to your cellphone.
4. Send an email to all your email contacts to inform them of your email compromise and ask them to contact you immediately if they have received any recent emails from you.
5. Phone the Nedbank Call Centre on 0860 555 111, as well as your banker, financial planner, suppliers and any other persons you conduct financial affairs with. Check if they have received any recent email requests or instructions from you.

Someone calls you posing as a representative from an IT company or service provider. They offer to help solve a computer problem, or try to sell you a software licence.

How it works

• You get a call from someone saying they’re from your network service provider or IT company.
• You’re asked to give them access your device to solve a problem, like upgrading your security software, removing viruses or increasing your network speed.
• You’re asked to buy a software licence.
• You’re asked for your credit card details to pay for repairs or software you ordered.
• You’re directed to a fraudulent website to enter your credit card details and personal information.

Tips

1. Never give a third party control of your device, unless you can confirm they’re a legitimate representative of an IT support team from a company you trust.
2. IT companies never cold call you to do repairs on your device or sell you software.
3. Never give your credit card information to someone claiming to be from an IT company’s technical support team.
4. Make sure your devices’ antivirus software is always up to date.
5. Install the latest updates or patches to your operating system as soon as they are available.