Phishing is a method of deceitfully obtaining personal information such as passwords, identity numbers, credit card details and sometimes, indirectly, money. Perpetrators might call you or send e-mails that appear to be from trusted sources such as banks, other financial institutions or legitimate companies.
Typically, phishing e-mails request that users obtain, verify or update contact details or other sensitive financial information by clicking on a link in the e-mail that directs users to a spoofed website (a website designed by criminals to fool users into thinking that it is legitimate).
Tips to Avoid Becoming a Victim of Phishing Scams
- Never respond to emails from your bank that requests your personal details. No bank will ever ask you to confirm or update your account details via e-mail.
- Never use a link in an e-mail to access your bank’s website. Instead, always use the web address you were given when you signed up for internet banking. Type the web address in your browser and ensure the site is secure by looking for the “lock” icon on your browser before logging on.
- Do not open e-mails from unknown sources. Even if the title and sender details appear to be related to your bank delete them immediately.
- Keep your online ID, password or PIN private. Never write these details down or share them with anyone, not even with a bank official.
- Do not save your Internet Banking password on your desktop, laptop, cell phone, PDA or other electronic device.
- Create longer passwords that combine letters (lowercase and capitals) and numbers that cannot be attributed to you. Avoid passwords that are too personal, too simple such as 1234 and don’t duplicate one password for multiple accounts.
- Never leave your computer unattended after you have entered your Internet Banking password.
- Always log off or sign out at the end of a session.
- Avoid using computers for Internet Banking in public areas such as internet cafés or other places where multiple unknown people have access.
- Change your PIN and passwords frequently.
- Remember to place sensible transaction limits on your accounts.
- Ensure that you have up-to-date anti-virus software applications on devices you use to access Internet Banking. You should also frequently update security patches for your operating system.
- Only provide your credit card details to reputable companies.
Please note that there is a phishing e-mail going around using the Sasfin name. The email below is an example of what is being sent to clients and to random members of the public. Please do not respond to the e-mail or click on any attachment or link.
Please note that the addresses used in some instances are: email@example.com; firstname.lastname@example.org
Subject: Withdrawal Alert Notification.
Dear Sasfin Client,
R32,500 have been withdrawn from your Sasfin Business Bank Account.
Please find below the attached file for your Payment Confirmation records.
At Sasfin, we care about your Business Banking, Capital, Treasury, Wealth Management and Commercial Solutions.