An Africa Business Community
With 2011 drawing to a close and the festive season almost upon us, banks, once again, are urging customers to exercise vigilance when transacting over the holidays.
Traditionally, banking fraud spikes over the holidays as more South Africans vacation and spend money. Customers need to be mindful of, and protect themselves against a few key scams.
Here are some useful guidelines to help protect you against fraudsters. Although furnished by the country's biggest retail bank Absa, they are relevant to all banking customers.
Phishing pertains to emails, purportedly sent by your bank (but in fact sent by fraudsters) requesting you to click on links and attachments, the link or attachment will lead you to a spoofed website that resembles the banks Internet Banking logon page to disclose personal information, or insert internet banking logon details. The spoofed website will require you to type out your full password and Onetime password cell phone number. For this reason, whenever you receive an email, SMS or phone call that seems even slightly out of the norm, you should query it.
In a tactic known as SIM swapping, fraudsters are illegally obtaining replacement cellular SIM cards in order to acquire the one-time passwords sent to user's cellphones when conducting their online banking. SIM swaps are normally done by using fraudulent ID books at cellular outlets. Though it is not always easy for the user to detect a SIM swap, a telltale sign could be permanent loss of cellphone signal for no apparent reason, in which case it is important for one to contact their network operator via an alternative means.SIM swaps are usually executed in combination with a successful phishing attempt.
How do you prevent Phishing and SIM swapping?
Irrespective of the specific tactics that may be used, there are a few safe banking practises that ensure customers cannot fall victim to phishing fraud. Absa advises its clients to adhere to the following rules:
- Keep your access information secure (account number, PIN and password)
- Ignore emails or SMSes if you are unsure of its source - especially where it contains a link or attachment and claims to be from your bank.
- Absa or any other bank will NEVER ask you for any of your login details via e-mail, telephone or SMS. If you get such a request, do not share any of your personal or login information.
- Emails from your bank will usually address you by name (e.g. Dear Joe Bloggs). If not, it is likely to be scam
- Refrain from banking at public terminals like Internet Cafes
- Only shop online and provide credit card details to reputable companies
- Up to date anti-virus software and internet browsers reduce your risk of fraud. Absa provides these free of charge to customers. Click on Security Centre from www.absa.co.za for more details and for up to date security related information
Remember, it is safest to access Absa Internet Banking in the following way:
- Visit www.absa.co.za and click on the Internet Banking Logon button
- Once at the Absa Internet Banking logon screen, check the browser address. It should begin with 'https:' (not 'http:')
- Ensure you see a lock and key icon either at the top of the Internet browser window or at the bottom - depending on your browser type. This indicates a secure website
- Once satisfied that you are on the valid website, you may continue to insert your logon details
Credit, cheque and debit cards can be used in a number of locations for a wide range of purchases, offering convenience and choice. Unfortunately card skimming and cloning is a reality and it is important to be cautious when transacting.
Card skimming devices are generally custom manufactured to fit over the card slots of some ATMs. An untrained eye will hardly notice the device attached over the ATM card slot. Criminal syndicates then use mini cameras - installed alongside the card skimming equipment - to steal customer PINs at the same time.
Cards can be cloned instantly using portable encoding devices and laptops, and typically used at another ATM within 10 minutes. Unsuspecting cardholders are usually none the wiser - as far as they know their ATM visit has proceeded without a hitch, and they only become aware of the fraud when they notice suspicious activity on their account at a later stage.
There are a number of steps cardholders can take to reduce the risk of becoming a victim of card fraud. The most effective is to remain vigilant when completing a transaction at an ATM. Steer clear of secluded ATMs and try to complete your banking transactions at a sensible time of day. If you suspect a machine has been tampered with then step away and report the problem to the nearest bank.
When using your card for a purchase, remember the following safety tips:
- Sign your card as soon as you receive it.
- Do not let the card out of your sight for any Point-of-Sale (POS) or other card-based purchase.
- Review your account statements on a timely basis; and immediately query any disputed transactions with your bank.
- Ensure that you get your own card back after every purchase.
- Never write down your PIN or disclose it to anyone.
- Report lost and stolen cards immediately.
- Destroy your credit card receipts before discarding them.
- Do not send e-mails that quote your card number and expiry date.
At places where you are using your card, the person handling the transaction should do the following:
- Hold the card until the transaction is completed.
- Ensure that the card security features are present.
- Compare the cardholder's signature on the card to that on the sales voucher.
- Phone for authorisation if requested to do so by the Point-of-Sale device.
- Make an imprint of the card in the case of a manual transaction.