A City Press reader was recently scammed out of R3 000 when she chatted on Facebook with someone she believed to be a Vodacom agent.
The communication was extremely convincing, suggesting that the individual behind the scam had access to enough of her personal details to make her believe the con was real.
Unfortunately, she has no recourse against the mobile operator because it cannot be held responsible for con artists who impersonate its agents.
In its response to City Press, Vodacom confirmed that it would not ask you to disclose confidential information over email or on any social-media platform.
It said: “Should you suspect that an electronic communication sent to you is false, do not respond or engage in any form of communication with the sender, but rather contact the Vodacom customer care number to verify the legitimacy of any communication received.”
Yolande Steyn, head of innovation at FNB, said the bank was continuously monitoring banking scams and warned that customers should be aware of different types of online banking fraud.
As with the Vodacom incident, social-media scams are on the rise. Fraudsters are pretending to represent FNB or the bank’s customer service persona on Twitter, RB Jacobs, on most social-media platforms.
Steyn said: “We will never ask for your credit or cheque card account number, online banking login details, password or one-time PIN (OTP) on social-media platforms.
FNB’s official social media accounts are @FNBSA and @RBJacobs on Twitter, and FNBSA on Facebook. The official Twitter accounts display a blue tick, which indicates that they are verified.”
Steyn said that another scam that was circulating was one where you would receive an SMS informing you that your account had been debited because you had purchased a flight ticket.
“Fraudsters will ask you to select a link in the SMS to reverse the transaction. When you select the link, you will be redirected to a fake FNB website,” Steyn said.
“You are then redirected to an ‘update and confirm details’ screen, which asks for more information to be verified. The fraudsters will now be able to access your banking profile.”
If you receive an SMS showing an illegitimate transaction, don’t click on the link – rather call the bank’s fraud line immediately.
Steyn said fraudsters were targeting businesses by sending emails purporting to come from one of the business’ suppliers that asks you to update your banking details.
“Beware of this even if it is on the supplier’s letterhead. Contact your supplier using the number you already have for them and not the one on the fraudulent letter,” said Steyn.
“Speak to someone you know at the supplier to confirm the change in banking details.”
Other scams include receiving an email asking you to open a copy of your payment notification, where you will be prompted to login via the email attachment, but this takes you to a fake banking site.
Phishing scams have now morphed into “vishing” or “simishing” scams, where you receive a call or SMS from an individual pretending to be from your bank who gets you to disclose your personal information.
Steyn said fraudsters were also finding ways to access email accounts such as Gmail by creating fake login sites. Once they access your emails, they build up a social profile of you and even intercepted OTPs that were sent to your email address.
They could also contact your service provider to do a SIM swap, which basically means that they hijack your SIM and have access to your SMSes. This also gives them access to your OTP.
RULES YOU MUST NOT BREAK
- Never provide your username, password or PIN in an email, SMS, social-media platform or phone call.
- Never select a link to a bank’s website that was sent via email – always type in the web address yourself.
- If you are unsure, call your bank or service provider and verify the information you have received.