Phishing is a method of deceitfully obtaining personal information such as passwords, identity numbers, credit card details and sometimes, indirectly, money. Perpetrators might call you or send e-mails that appear to be from trusted sources such as banks, other financial institutions or legitimate companies.
Typically, phishing e-mails request that users obtain, verify or update contact details or other sensitive financial information by clicking on a link in the e-mail that directs users to a spoofed website (a website designed by criminals to fool users into thinking that it is legitimate).
Tips to Avoid Becoming a Victim of Phishing Scams
- Never respond to emails from your bank that requests your personal details. No bank will ever ask you to confirm or update your account details via e-mail
- Never use a link in an e-mail to access your bank’s website. Instead, always use the web address you were given when you signed up for internet banking. Type the web address in your browser and ensure the site is secure by looking for the “lock” icon on your browser before logging on
- Do not open e-mails from unknown sources. Even if the title and sender details appear to be related to your bank delete them immediately
- Keep your online ID, password or PIN private. Never write these details down or share them with anyone, not even with a bank official
- Do not save your Internet Banking password on your desktop, laptop, cell phone or any other electronic device.
- Create longer passwords that combine letters (lowercase and capitals) and numbers that cannot be attributed to you. Avoid passwords that are too personal, too simple such as 1234 and don’t duplicate one password for multiple accounts
- Never leave your computer unattended after you have entered your Internet Banking password
- Always log off or sign out at the end of a session
- Avoid using computers for Internet Banking in public areas such as internet cafés or other places where multiple unknown people have access
- Change your PIN and passwords frequently
- Remember to place sensible transaction limits on your accounts
- Ensure that you have up-to-date anti-virus software applications on devices you use to access Internet Banking. You should also frequently update security patches for your operating system
- Only provide your credit card details to reputable companies when you transact on-line.
Please note that there is a phishing e-mail going around using the Sasfin name. The email below is an example of what is being sent to clients and to random members of the public. Please do not respond to the e-mail or click on any attachment or link.
Subject: Withdrawal Alert Notification.
Dear Sasfin Client,
R32,500 have been withdrawn from your Sasfin Business Bank Account.
Please find below the attached file for your Payment Confirmation records.
At Sasfin, we care about your Business Banking, Capital, Treasury, Wealth Management and Commercial Solutions.
- Identity theft
More and more South Africans are losing money due to fraud and other crimes. Perpetrators target their victims indiscriminately to make easy money at every opportunity. While some of these scams are easily identifiable, others are cleverly executed and require close scrutiny before they can be detected.
The theft of personal information, otherwise known as Identity Theft, is one of the leading contributors to a successful fraud. The consequences of your identity being compromised can be far-reaching and sometimes costly to remedy.
What can criminals do with your personal information?
It can be used by criminals to assume your identity and to acquire retail or bank accounts, or even defraud your insurance, medical aid or Unemployment Insurance Fund. Fraudsters will use your details to impersonate you and attempt to transact on your accounts.
What is personal information?
- Driver’s license
- Salary advice
- Municipal bill and merchant account statements
- Bank statements
There are people who gather personal information about you in order to access your funds. Therefore make sure that it is difficult for strangers to access your personal information.
- Don’t carry unnecessary personal information in your wallet or purse
- Don’t disclose personal information such passwords and PINs when asked to do so by anyone via telephone, fax or even e-mail
- Don’t write down PINs and passwords and avoid obvious choices like birth dates and first names
- Protect your personal information at all times
- Manage your personal information wisely
- When destroying personal information, either shred or burn it (do not tear or put it in a garbage or recycling bag)
- Store personal and financial documentation safely. Always lock it away
- Keep PIN number and passwords confidential
- Pay attention to account cycles.
- Verify all requests for personal information and only give it out when there is a legitimate reason to do so
- To prevent your ID being used to commit fraud, if it is ever lost or stolen, you should alert the SA Fraud Prevention Service immediately on 0860101 248 or at www.safps.org.za
- To protect your interests your information will be put on a database used by banks and retailers
- Verify all requests for personal information and only give it out when there is a legitimate reason to do so. Install firewall and antivirus software protection to prevent a computer virus sending out personal information from your computer
- Don’t use internet café’s or unsecure terminals (hotels, conference centres etc.) to do your banking
- Should your ID or driving license be stolen report it to SAPS immediately
- 419 scams
What is a 419 Scam?
A letter/fax/e-mail is sent to a selected recipient (but in actual fact is sent to many recipients) making an offer that would result in a large pay off for the recipient (“victim”). The details vary and large amounts of money are usually involved. Whilst a vast majority of recipients do not respond to these requests, a very small percentage does, enough to make the fraud worthwhile. Invariably, the victims’ banking details as well as sums of money are said to be required in advance in order to facilitate the payment of the funds. Essentially, the promised money transfer never happens and in addition the fraudsters may use the victims’ banking details to withdraw money for themselves.
Some indications that this could be a 419 Scam:
- Letter/e-mail/fax that sounds too good to be true
- The promise of large sums of money for little or no effort on your part
- The victim is requested to provide money upfront as a processing/administration fee
- The request usually contains a sense of urgency
- The victim does not know the person who has sent the letter/fax/e-mail
- The sender at times requests confidentiality
- The letter usually states that the victim has won a prize/lottery/inheritance
- Genuine companies’ letterheads are utilised to convince the victim of the authenticity of their request
General trademarks of a 419 Scam:
- The amount of money involved is always substantial, usually millions of dollars or pounds
- Letters are generally sent by someone claiming to be in a position of authority, such as a Government Official, Prince, Chief, Doctor, or the wife of a General, Barrister, Solicitor, Lawyer or Bank Official
- They may use emotional bribery, such as claiming someone has died or is suffering from an illness
- The impression is given that you alone have been contacted, but the reality is that the same e-mail/letter/sms/fax was sent to thousands of people
- You are always promised either all, or a substantial percentage, of the money in return for assisting the fraudster in some way
- You will almost certainly be asked to communicate by e-mail
What should you do when you receive a 419 Scam?
- If you receive a scam e-mail, do not reply
- If you have fallen victim, immediately contact the South African Police Services
Please note: Sasfin’s name is being used fraudulently in a 419 scam
- Money laundering
Allowing proceeds of crime to be laundered through your Bank account, knowingly or unknowingly, is a criminal offence. Safeguard yourself from being involved in a serious criminal offence by following these tips:
- Do not open a bank account in your name on behalf of another person, irrespective of the circumstances
- Do not allow your account to be used by another person to deposit or transact on
- If you suspect that the money you are being paid with is the proceeds of crime, immediately report this matter to the police
- Contact us
Sasfin is committed to the highest standards of ethical, moral and legal business conduct. Ethical business behaviour is the responsibility of every person in Sasfin and forms an integral part of our relationship with our customers, suppliers, shareholders and other stakeholders.
We have a ‘zero tolerance’ approach towards fraud and will investigate every incident thoroughly.
Please report suspected fraud or any unethical behaviour to the dedicated lines below:
- Transactional Banking Queries : 080 23 23 23 6 (lost and stolen cards)
- Whistleblowing Line: 0800 000 902
Sasfin has chosen to outsource the management of the Whistleblowing Line to an independent external service provider.
Anonymous tip-offs can be made as follows:
- Dedicated FreeCall number: 0800 000 902
- Email address: email@example.com
- FreePost address: KZN 138, Umhlanga Rocks, 4320
- FreeFacsimile: 0800 00 77 88
- Access to the Delloitte Tip-offs Anonymous website: www.tip-offs.com
- Fraud Risk Department
Tel: +27 11 531 9215 or +27 11 809 7500 (office hours)
Email address: firstname.lastname@example.org