Phishing, smishing and vishing

Phishing (email) and smishing (SMS) involve fraudsters asking you to click on a link or an attachment that takes you to a fake website where you must enter your personal information, for example your Nedbank ID and password or your card number and PIN.  

Fraudsters convince you to follow these links by sending you communications that look like they come from Nedbank, saying that your account has been accessed, or that you need to update your account or install new software to protect yourself.

Sometimes fraudsters also send you a fake proof of payment or a bank statement as an attachment to an email. Once you have clicked on this attachment, you’re prompted to enter your Nedbank ID and password or card number and PIN to open the attachment, giving the fraudsters access to your credentials.

Vishing is social engineering over the phone. Fraudsters call you and pretend to be a bank employee, asking for your personal information. They may also try to trick you into calling them by sending an SMS saying that a transaction is being processed on your account, or that a new debit order has been registered on your account. When you then call the number in the SMS, the fraudsters ask you for your personal information to ‘reverse’ the debit order or transaction, hoping to get their hands on your banking details.

They also pose as representatives from Nedbank’s fraud department and urge you to give them your card PIN or Nedbank ID and password to stop a ‘fraudulent transaction’ or ‘reverse’ a debit order. They even try to convince you to accept an Approve-it message or share a one-time password (OTP) with them, hoping that you won’t read the message carefully and notice that they are indeed trying to transact on your account.

Fraudsters also use caller identity spoofing, which makes a call appear to come from a legitimate or known number, to get their hands on your personal information. Once they have your Nedbank ID and password or card number and PIN, they can access your Online Banking profile and download the Money app.

Tips

  • Don’t click on links in messages from unknown sources.
  • Nedbank will never ask you to sign into Online Banking through an attachment or a link.
  • Never give anyone your Nedbank ID and password or card PIN and CVV number (the three- or four-digit security number on the front or back of your card). Nedbank will never call you to ask for these details, not even a portion of them.
  • Never share an OTP with anyone.
  • Always read your Approve-it messages carefully before accepting them and decline the transaction if you didn’t make it and report the incident to Nedbank immediately on 0800 110 929.
  • Keep your passwords safe. Don’t store them on your device or in your browser, and don’t use the same username and password for all your logins. Your username and password should also differ from each other.
  • Always ensure that you have the latest version of your banking app loaded on your device.
  • If you have the Money app on your mobile device and it’s lost or stolen, contact Nedbank to deactivate the app immediately on 0800 110 929.
  • When calling back to confirm a call from Nedbank, don’t just confirm whether the person works at Nedbank. Talk to the individual to find out if they have indeed contacted you.
  • Hover your mouse over any hyperlinks to see the actual URL. On mobile devices, you can long-press the hyperlink to see it.
  • Don’t respond to phishing emails. If you receive a suspicious email, forward it to phishing@nedbank.co.za immediately.
  • Make sure you have the latest antivirus software installed on all your devices and install the latest updates or patches on your operating system as soon as they become available.
  • Don’t trust caller identity. Fraudsters use number-masking software to make it look like the call is from Nedbank when it’s not.
  • If you receive an SMS for a SIM swap or number port you did not request or seem to lose cellphone connectivity for a long time without reason, call your service provider and let us know immediately on 0800 110 929.
  • Do not do your banking on a public computer found at libraries, cyber- or internet cafes and hotels, and avoid using Wi-Fi hotspots.
  • Check your statements frequently and let us know as soon as you see any unfamiliar transactions.
  • Report fraud by calling us on 0800 110 929.

SIM swap or number porting

Fraudsters use SIM card swaps and number porting to commit fraud. Once they have your cellphone number, you no longer receive calls, SMSs or notifications from the bank, and your phone has no signal. The fraudsters then pretend to be you to intercept your calls and receive your banking notifications.

How it works

  • They call your service provider, pretending to be you, and ask for your cellphone number to be transferred to a new SIM card. Or they ask for your number to be ported to another service provider.
  • They present a stolen or fraudulent ID and answer security questions that the service provider asks.
  • They then call you repeatedly until you eventually turn off your phone to give them time to do a SIM swap or port your number without you knowing.

Tips

  • Protect your personal information and don’t share it with anyone.
  • If you receive an SMS for a SIM swap or number port you didn’t request or seem to lose cellphone connectivity for a long time without reason, call your service provider and let us know immediately on 0800 110 929.
  • Tell us as soon as you change your cellphone number. Your bank notifications go to the cellphone number that we have on our records.
  • Check your bank statements regularly and query any unauthorised transactions.
  • Contact your service provider if you notice anything suspicious:
    - Cell C: 084 140
    - MTN: 123 stop (123 7867)
    - Telkom: 081180
    - Virgin Mobile: 0741 000 123
    - Vodacom: 082 1946

Whaling

This is a form of phishing that targets businesses by sending emails to finance departments impersonating a chief executive or chief financial officer to trick employees into making an ‘urgent’ payment. The employee makes the payment and the fraudsters get away with the money. Financial institutions and businesses are the primary targets of these scams.

How it works

  • Fraudsters determine who in an organisation has the authority to make large payments. Then they source this person’s contact details and any other information they can use to make the request for payment seem more legitimate.
  • They make use of social engineering to gather information by trawling through social-media platforms and may even contact other employees to get more information about the person.
  • They may even use a copy of the organisation’s email template and the person’s signature to make the request seem real.
  • Fraudsters then send an email to the targeted employee, saying that a payment must be made into an external account, hoping that the payment will be made.
  • They rely on employees never questioning or verifying an instruction from their superiors. And being busy, employees do not always take the time to look at the format, layout, grammar and punctuation in emails. Instead, they quickly scan through them, do what should be done and move on to the next email.

Tips

  • Make sure the email address on the email you have received is correct and matches the email address on your records. Fraudsters will make small changes, like adding a full stop or changing a letter, hoping that you won’t notice.
  • If you receive an email that seems strange or out of the ordinary, contact the sender and confirm that the email came from them.
  • Do not click on links in a suspicious email, as you might unknowingly download malware onto your computer.
  • Be careful what information you share on social media. Fraudsters use social media to gather information about their targets.
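The first tip above, checking the sender’s address against your records and catching the ‘added full stop or changed letter’ trick, written out as an added example (not Nedbank’s code). The address book is constructed for illustration, and the edit-distance threshold of two is an assumption you would tune for your own contacts.

```python
from email.utils import parseaddr

# Constructed address book of people you actually deal with (assumed, not real).
TRUSTED = {"Jane Smith": "jane.smith@example-corp.com"}

def edit_distance(a, b):
    """Levenshtein distance: fewest single-character edits turning a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(from_header, trusted=TRUSTED, max_edits=2):
    """Return 'trusted', 'lookalike', 'display-name-spoof' or 'unknown'."""
    name, addr = parseaddr(from_header)
    addr, name = addr.lower(), name.strip().lower()
    known = {a.lower(): n.lower() for n, a in trusted.items()}
    if addr in known:
        return "trusted"
    user, dom = (addr.split("@", 1) + [""])[:2]
    for real in known:
        r_user, r_dom = real.split("@", 1)
        # A domain a letter or a dot away from the real one (exarnple-corp.com,
        # example-corp.co), or a near-identical user part on the real domain.
        if dom != r_dom and edit_distance(dom, r_dom) <= max_edits:
            return "lookalike"
        if dom == r_dom and 0 < edit_distance(user, r_user) <= max_edits:
            return "lookalike"
    # Right name, unrelated address: the display name is doing the deceiving.
    if name and name in known.values():
        return "display-name-spoof"
    return "unknown"
```

Anything other than ‘trusted’ is a prompt to phone the sender on a number you already hold, never one taken from the email itself.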

Malware

Fraudsters send fake emails or messages that look like they come from your bank or other reputable organisations. These emails or messages have links or attachments containing malicious software, which is downloaded onto your device when you click on them.

Once your device has been infected with this malware, fraudsters gain access to everything stored on your device, monitor your keyboard strokes and record everything you type, including your Online Banking credentials.

How it works

  • You receive a fake email with a proof of payment or a bank statement as an attachment and click on the attachment.
  • Someone calls you posing as an employee from an IT company, offering to help you download fake security software.
  • You access a website that is infected by malware.
  • You click on a link or an attachment that asks you to install or upgrade software.

Tips

  • Do not open attachments or click on links from unknown sources.
  • Beware of any attachments that end in .exe, .cab, .htm or .jar. These attachments often contain malicious software.
  • Don’t install or upgrade software unless you are sure that you have to.
  • Hover your mouse over hyperlinks to see the actual URL. On mobile devices, you can long-press the hyperlink to see it.
  • Make sure you have the latest antivirus software installed on all your devices.
  • Install the latest updates or patches to your operating system as soon as they become available.
  • Scrutinise your bank statements frequently. If you see unfamiliar transactions, notify us immediately on 0800 110 929.
  • If you receive a suspicious email, forward it to phishing@nedbank.co.za immediately.
  • Get more information on antivirus packages at av-comparatives.org, which frequently tests leading antivirus software.

Email hacking

Email hacking happens when cybercriminals get hold of your email account username and password and access your email account. If you use your email account for banking or business purposes, cybercriminals pretend to be you to order goods or services, ask banks to make transactions on your behalf, or even notify business clients of a supposed change in banking details.

Apart from being able to send emails using your mailbox, cybercriminals also create a rule on your mailbox to move any emails from a specific sender to folders located on their computers. You will be totally unaware that your email credentials and confidentiality have been compromised.

How do fraudsters get your email details?

  • Phishing: You could have given your email credentials to fraudsters by typing them into a fake website made to look exactly like your email provider’s login page. These phishing emails look like they were sent by your email provider and often contain warnings to grab your attention, for instance that you are running out of storage space or that your account will be deleted if you don’t log in immediately.
  • Malware: Your computer may have been infected by malware that monitors your keyboard strokes or searches your computer for saved passwords.
  • Hacked website: You may have registered on a website with the same credentials as your email account, and this website has been hacked.

Tips

  • Never enter your email credentials on a website that you have accessed via a hyperlink in an email.
  • Also be careful of clicking on attachments from unknown senders, especially if these attachments are programs (eg files that have a .jar, .exe or .cab extension) or are contained in archives like zip files.
  • Many websites require that you register with your email address and a password. Never use the same password that you use to access your email address to register these sites.
  • Keep your passwords safe. Don’t store them on your device or in your browser, and don’t use the same username and password for all your logins. Your username and password should also differ from each other.
  • Many email providers offer the option of out-of-band confirmation, like an SMS sent to your cellphone. If your email provider has this option, use it. If it doesn’t, consider changing your email provider.
  • You should have reliable, up-to-date antivirus software on your computer, regardless of whether it runs the Windows or MacOS operating system. You can get more information from test sites on the internet at www.av-comparatives.org or at www.av-test.org.
  • It is important that you patch your computer regularly. Hackers are constantly discovering new weaknesses in operating systems and other common software like Adobe Acrobat. Make sure that you regularly update your PC or Mac with the latest patches.
  • Keep in mind that you may also fall prey to email hacking if your clients’ or suppliers’ email accounts have been hacked. Never accept financial instructions, for example to make a payment into a supplier’s new bank account, sent to you via email only. First call the supplier on a number that you have used in the past to confirm that their banking details have indeed changed. But don’t use the contact number given in the email you have received. If it is a fraudulent email, you will be talking to the fraudster and not the supplier. If you are a Nedbank business or a corporate client, you can benefit from our account verification service (AVS) to verify accounts before you make a payment and avoid the fraudulent redirection of money.

What to do if your email account has been compromised

  • Immediately disconnect the computer on which you have accessed this email address from the internet until it has been thoroughly checked for malware and disinfected by a specialist.
  • Change the password on a trusted, but completely unrelated computer that does not share the same network. If you can change the password from a device less prone to virus infection, like a smartphone or a tablet, so much the better.
  • Once you've changed your password, immediately notify Nedbank on 0800 110 929, as well as your banker, financial planner, suppliers, and any other people with whom you have a financial relationship. Ask them to confirm all emails with you before actioning them. It is also important to continue scrutinising your bank statements for any inexplicable entries.
  • Examine the deleted items and sent items in your mailbox for any emails that could have been sent by hackers and take immediate action to remedy these activities.
  • Sometimes fraudsters cannot send emails from your email account, so they create a similar email address from which they send their fraudulent emails. If you are aware of such an email address, contact the email service provider immediately with evidence of the compromise and ask them to take urgent action to close this email address.
  • Although this may not be the case, you should assume that any sensitive information on the computer has been compromised. This information could include your email correspondence, passwords for various facilities like your email account or online shopping accounts, as well as the contents of documents stored on your computer. You need to change all your passwords for online accounts, including your email account and online shopping accounts on an uninfected computer.
  • If any fraud has occurred, open a criminal case with the South African Police Service.
  • Contact the South African Fraud Prevention Service (SAFPS) at www.safps.org.za or 0860 101 248 and ask for their free protective registration service for identity theft.

Security software scam

Someone calls you, pretending to be a representative from an IT company or service provider. They offer to help solve a computer problem or try to sell you a software licence.

How it works

  • You receive a call from someone saying that they’re from your network service provider or an IT company.
  • They ask you to give them access to your device to solve a problem, like upgrading your security software, removing viruses, or increasing your network speed.
  • They ask you to buy a software licence.
  • They ask you for your credit card details to pay for repairs or software that you have ordered.
  • You’re directed to a fraudulent website to enter your credit card details and personal information.

Tips

  • Never give a third party control of your device unless you can confirm that they’re a legitimate representative of an IT support team from a company you trust.
  • IT companies never cold-call you to do repairs on your device or to sell you software.
  • Never give your credit card information to someone claiming to be from an IT company’s technical support team.
  • Make sure the antivirus software on your devices is always up to date.
  • Install the latest updates or patches to your operating system as soon as they become available.