In this podcast, Jean Rossouw, Head of Financial Education at Capitec, and Nick Harris, Head of Financial Crime at Capitec, explain to Maya how various bank scams work, how to identify a scam before it is too late, and what to do if you are a victim.
As banks improve security around identification, which includes introducing biometric identification, fraudsters are finding that the easiest way to get into your bank account is to get you to help them!
Despite the fact that I often write about these banks scams and we are all aware of them, my husband nearly fell victim recently to one of these scams.
No matter how savvy you think you are, these scamsters are so good at pushing our emotional buttons that it’s easy to fall prey to them.
The more information the scamster has on their potential victim, the more plausible the scam becomes. If the person you’re dealing with has sufficient information about you, then surely they must genuinely be from your bank or mobile provider?
One theory is that this increase in bank scams is related to the data breaches of credit bureaus in recent years.
The large data breach of credit bureau TransUnion last year provided criminal syndicates with detailed information of South African consumers, including information such as telephone numbers, email addresses, identity numbers, physical addresses, and some credit scores.
There have been reports by the Information Regulator that syndicates have also been selling this information to direct marketing businesses.
Take these steps to protect yourself:
- Be cautious of any unsolicited communication requesting an OTP.
- Verify the authenticity of any request for OTPs by directly contacting the organization or individual purportedly making the request. Do not use contact details provided in suspicious messages, instead, use verified contact information from official websites or sources.
- Report the numbers used in vishing scams to your bank immediately.
- Never disclose personal information such as passwords and PINs when asked to do so by anyone via telephone, fax or even email. A bank will never ask you to share your password or PIN.
- Change your password regularly and never share it with anyone else.
- Verify all requests for personal information and only provide it when there is a legitimate reason to do so.
- Never use any information that may have been compromised and rather make use of other personal information that has not been used previously to confirm your identity in future.
- Apply for a free Protective Registration listing with the Southern African Fraud Prevention Service (SAFPS). This service alerts SAFPS members, which include banks and credit providers, that their identity has been compromised and that additional care needs to be taken to confirm that they are transacting with the legitimate identity holder. Consumers wanting to apply for a Protective Registration can contact SAFPS at email@example.com
- Keep an eye on the fraud-fighting website Yima, which gives details of the latest scams and can help you to identify a scam.