The comprehensive phishing-spotter’s guide

Have you ever had that sinking feeling after hitting the send button that maybe you’ve been scammed? Suddenly, the warning signs you should have noticed seem clear as day, and you’re worried that you’ve lost some money to wily criminals.

The SA Banking Risk Information Centre reports that online banking and mobile banking fraud cost consumers about R185 million in 2020. Mobile banking app fraud alone, amounting to R45 million, increased by more than 30% compared to the previous year.

The threat is real, and the best way to protect yourself against scammers is to know what to look for, so you can avoid their criminal schemes. These digital threats usually start with what is known as a phishing attack – fraudsters trying get you to reveal details like your bank card PIN, online banking password or other vital information.

Before we get to avoiding scams, though, here’s what to do if you suspect you’ve fallen for a phishing attack:

1. Jot down the details

While it’s still fresh in your mind, write down as many details of the incident as you can remember. Important details to record include usernames, account numbers or passwords that you may have shared.

2. Take corrective action

Immediately change your passwords on all affected accounts and services. Get into the habit of creating unique passwords for each account so that the damage from any future hacks is limited.

3. Double your protection

One technique to reduce your exposure to phishing attacks and financial scams is to enable multifactor authentication (also known as two-step verification) for every account you can. This means you’ll have to enter a one-time password that’s sent to your phone or email address before any transactions are authorised.


It’s best to download and install updates regularly to improve your level of protection


4. Alert affected parties

You need to tell the IT support team at your work or school, if this attack affects your work or school accounts or devices. And if you shared crucial banking information, immediately contact our fraud department on 0800 110 929.

5. Report the crime

If you’ve lost money or been the victim of identity theft, it’s best to report this to the police. All the details you jotted down in the first step will come in very handy for this process.

And in future ...

The best way to protect yourself against scheming criminal syndicates is to know what to look out for. Here are 3 top defensive tools against them:

1. Trust nobody

Use your common sense when asked to share sensitive information. That means not simply clicking on links that you’re told will take you to the desired site or app. Also, if the deal you’re being offered sounds too good to be true, it probably is.

If the message is littered with spelling and grammar mistakes, then it probably isn’t from a reputable company.

The best way to avoid falling for their schemes is to check the link that you’re being directed to. It should show if you hover your mouse over the link, but remember that it’s best not to click on links or buttons in emails and messages you receive.

Another way to avoid spoof sites is to type the link into a browser and go directly to the legitimate website – it’s easy for scammers to hide the actual destination of the links, taking you to their site instead of the legitimate one.

Lastly, avoid opening attachments in messages from suspicious or unknown senders. Word, Excel, PowerPoint, and PDF attachments are especially popular for sending malicious files.

2. Don’t panic

A key tactic used in phishing scams is to create a sense of urgency in the hope that you won’t check the true identity of the sender or the message. They know it’s easy to get you to panic if they create a false emergency that can only be ‘fixed’ if you ‘confirm’ identifying information.

If you do hear from your bank or any other service provider requesting vital information about you, rather call them directly instead of responding to what may look like a legitimate email or message.

3. Keep your software up to date

Perhaps the first step you should take to protect yourself is to make sure your software and operating systems are up to date on all your computers and devices – and that’s especially true regarding your anti-virus or anti-malware programs.

Software companies are continuously fixing vulnerabilities in their systems and sending out updates, so it’s best to download and install updates regularly to improve your level of protection.

You can also read more about the tricks criminals use, the cybercrime techniques they employ, and how to bank safely.