Phishing is when an attacker sends you a fraudulent email, pretending to be a trusted source like an established company or a bank. They aim to trick you into sharing sensitive information like your ID number, banking details, online banking login credentials, PIN, password, OTP, or cellphone number.
Look out for these suspicious-looking emails and don't click on links that ask you to provide login information.
Fraudsters try and make you:
- Click on malicious links or open malware-containing attachments
- Disclose sensitive information such as account passwords
Warning signs:
- Absa will NEVER send emails with links or attachments redirecting you to a login page that requests you to share your username and password, or passcode
- Make sure your emails are coming from a verified email address and not from a spoofed email address
- Check for grammar and spelling errors
- Always validate URLs for legitimacy
- Don't download remote access software or grant strangers access to your devices
- Be cautious of emails promising unreal rewards, competitions that you never entered, or urgent threats
- No reputable institution, especially a bank, will reach out to you for sensitive information
Vishing is when a fraudster calls you directly and pretends to be a bank representative. They aim to trick you into sharing sensitive information like your ID number, banking details, online banking login credentials, PIN, password, OTP, or cellphone number.
They will encourage you to act urgently and pretend like your account is at risk of being hacked or exposed if you don't.
Protect yourself:
- Never share PINs, passwords, passcodes, or card CVV numbers with someone on the phone
- Beware of fraudsters diverting numbers, especially if they ask you to call back
- If calls or OTPs cease unexpectedly, contact your service provider to check for SIM swapping
- Do not provide a received OTP to anyone; report such incidents to the bank
- Avoid downloading software from suspicious sources
Fraud scenario:
- Caller requests personal information that Absa would never ask for
- Caller presents unlikely issues, like a blocked or hacked account
- Caller prompts a call back with false validation, accompanied by an OTP not initiated by you
SMiShing is when a fraudster sends you urgent, deceptive text messages, threatening that your account will get blocked if you do not react. They aim to trick you into sharing sensitive information like your ID number, banking details, online banking login credentials, PIN, password, OTP, or cellphone number.
Absa will never send you an SMS with a link on it. Report any suspicious SMS activity and delete the SMS.
How to identify SMiShing:
- Shortened URLs, especially using bit.ly
- Requests for personal information a bank would never ask for
- Differences in style and sign-off compared to legitimate messages from Absa
A fraudster can perform an illegitimate SIM swop with your cellphone service provider. If a fraudster has a false copy of your identity number or has all of your personal details available they can manipulate your cellphone number to receive SMSes that should be going to you, for example, an OTP.
This means that they are one step closer to logging into your account. This is why you must never share personal information like your ID number, banking details, online banking login credentials, PIN, password, OTP, or cellphone number with strangers or suspicious digital sources.
Protect yourself:
- Activate app authentication on your mobile banking app to stop fraudsters from using SIM swopping to access your account
- Protect your personal, bank account and cellphone account information when you are talking to strangers or busy online
- Immediately investigate when you notice that you are not receiving calls and messages
- Keep your phone switched on – otherwise, you will not notice when your SIM card has been swopped
Tips to prevent cheque fraud:
- Wait for clearance
If you are accepting a cheque as payment, wait for it to clear before handing over goods or issuing a refund
- Beware of overpayment
Be cautious if you receive a cheque exceeding the owed amount (scammers might ask you to deposit it and return the excess, indicating potential fraud)
- Report lost cheques
Immediately report lost, stolen, or missing cheques
- Do proper cheque filling
When filling out a cheque, avoid leaving space before the payee's name or amount (cross out unused spaces)
- Keep your chequebook secured
Keep your chequebook in a safe place at all times and don't let strangers have access to it
- Avoid blank cheques
Never sign a blank cheque that does not have an amount and all other information filled in
- Reconcile regularly
Make sure you are checking your bank and cheque statements regularly
- Use 'Not Transferable'
Mark cheques with "Not transferable" between two transverse lines for intended beneficiary assurance
- Use secure mailing
When posting a cheque, use a non-transparent or dark envelope without staples/paper clips and make sure your mailing service provider is reliable
- Reject faxed deposit slips
Never accept faxed bank deposit slips as proof of payment
- Look for handwriting
Make sure that there is consistent handwriting and pen use on cheques received
- Look for alterations
Verify that your cheques received do not have any visible alterations
Prevent supplier fraud by always verifying changes received from suppliers, and always ensuring that supplier/beneficiary banking details are authentic; be cautious of diverted correspondence.
If you suspect fraud, report it to your relationship executive immediately, or contact Absa Customer Service at 0800222333. Reporting to the police is also highly recommended.
What to watch out for:
- Counterfeit documents
Beware of scanned company letterheads with blurred logos on counterfeit invoices
- Email discrepancies
Watch for confirming emails from nearly identical addresses, differing by a single easily overlooked letter
- Bank changes
Always verify requests to change bank details with your regular contact
- Invoice scrutiny
Train staff to check invoices for irregularities and report suspicions to a known contact
- Designated contacts
Consider setting up single points of contact for regular payments to specific companies
- Secure Disposal
Shred business and supplier documents containing letterheads
- Private banking details
Avoid publishing bank account details online to prevent fraudulent use
- Review change requests
Scrutinize past requests to change account details to ensure authenticity
- Client awareness
Warn clients about potential fraudulent instructions, safeguarding them from acting on false information
How to prevent tech support scams:
- Update software
Keep software current with the latest security patches
- Avoid unexpected calls
Never grant computer control to an unexpected third party
- Doubt caller ID
Don't solely rely on caller ID for authentication, as numbers can be spoofed
- No financial info
Never provide passwords, credit card details, or financial information to unsolicited tech support claims
Fraudsters move fast
Contact us immediately if you notice suspicious activity or think you have been targeted:
Tollfree line: 0800222333
Operating hours: 08:15-05:15 and 24/7 Call Centre support.
Need more help?
Call us on:
0800 222 333 (Toll Free)
+256 (0) 312 218 348 (Network charges apply)
Email us: