The RSA Anti-Phishing service recorded 1 942 new phishing attacks in South Africa in the first half of 2012.
Phishing is conducted when a fraudster tries to acquire your personal information including usernames, passwords and credit card details by duping you into thinking he is operating on behalf of a reputable entity, such as a bank. Phising scams are often conducted electronically via phone or email.
This equated to an estimated financial loss of R71 million. In addition, the Symantec Intelligence report for June 2012 identified South Africa as the second-most targeted country globally, with one in 170. 9 emails identified as phishing attacks.
Kevin Hurwitz, chief executive officer at Wonga.com South Africa said that as the country has the largest internet connectivity on the continent, South African consumers are at a greater risk of becoming potential victims of financial scams.
Scams used to gain information
According to Hurwitz, various scams are used by criminals to illegally obtain personal information like bank account details, ID numbers, passwords and usernames. They are often sent electronically by individuals posing as legitimate entities, in order to conduct financial fraud.
“Consumers are fooled into providing personal details, or depositing money into fraudulent accounts, based on the assumption that these communications are authentic,” said Hurwitz.
Standard Bank spokesperson, Kershia Singh, said banks are taking significant steps every day to combat and prevent online fraud such as phishing and other cyber related threats.
“The biggest weapon against online fraud is to alert customers. Many phishing sites are constructed to resemble banks or other reputable companies. Fraudsters use these corporate identities to imitate the real site,” said Singh.
She added that ways to detect bogus sites is to look out for spelling and grammatical errors. Also a secure URL will begin with ‘https’ instead of http.
Singh advised internet users to always access internet banking sites by typing the bank’s full address into your web browser.
“Keep your electronic payment limits as low as possible. This reduces the risk of the size of the financial loss. For larger transactions, temporarily increase the limit and then reduce it after the transfer or transaction has been finalised,” said Singh.
She added that you should avoid making your passwords too easy. Steer clear of using you ID number or birthdate as a password, as this information can be harvested on social websites.
The common scam channels
Hurwitz said that there are currently two primary channels used to conduct what is known as ‘advance fee scams’, namely email and SMS.
“These communications are designed to look real and can easily trick consumers into financial losses. Anyone receiving an unsolicited email or SMS, which appears to come from a legitimate source but requests personal information, should contact that organisation directly to verify that the communication is authentic, before taking any actions,” said Hurwitz.
Too good to be true
Another popular type of scam currently doing the rounds involves people receiving an SMS or email claiming that they have won money.
Singh warned that you should never respond to unsolicited emails that tell you that you have won a prize or an international lottery or are about to inherit money from a deceased estate.
“If you haven’t physically entered a competition, you can’t win a prize. Most of these sites will ask for personal information so that your ‘prize’ or inheritance can be forwarded to you,” said Singh.
How can you report electronic scams?
You can report cases of electronic fraud to the South African Police Services(SAPS). For Johannesburg you can call 011 870 5300 or email JHB-Commercialcrime@saps.org.za.
For Durban call 031 332 2534 or email
For the Western Cape call 021 918 3503 or 021 918 3526 or email Bellvillefirstname.lastname@example.org
Also when you receive an SMS or email, you should call the company that has contacted you if you suspect it’s a scam.