in

A ‘New Wave’ Of Bank Scams Is Hitting SA, Ombud Warns – And Sucks To Be You If You Get Hit

  • There is a “new wave” of banking scams targeted at consumers and small businesses, says SA’s banking ombud.
  • But the methods are much the same, often relying on people to hand over OTPs or other credentials to make payments.
  • If you fall for such a scam and your bank wasn’t negligent, that’s your problem, says the ombud.
  • New research says technically-minded people may be even more susceptible to phishing than people who aren’t as tech-savvy.
  • For more stories go to www.BusinessInsider.co.za.
    South Africa is seeing a “new wave” of attacks on the bank accounts of consumers and small businesses, the Ombudsman for Banking Services said on Friday.

    And those who fall for such scams may find they have to live with the losses because it is not just up to banks to keep their money safe.

    “All indicators are pointing towards the fact that there are new scams and an increasing number of the victims,” said ombud Reana Steyn in a statement.

    In 2021 the office recorded losses of R295 million, just in cases where account-holders complained about the conduct of the bank. The ombud investigated 2,880 individual “fraud-related” cases, up 7.5% from the previous year.

    Steyn highlighted an example that started with an email claiming the payment was due to release a package at the Post Office. The recipient made the small payment requested – R42.50 – and then hit “approve” again when another payment authorization request was sent to his cellphone immediately after. He noticed a reference to “Singapore” as he did so, and got in touch with his bank, but it was already too late, and he was out of pocket just over R16,000.

    The victim turned to Steyn for help when the bank refused to accept liability, but found little sympathy.

    “The responsibility is on customers to always remain vigilant and suspicious, especially when requested to provide the confidential banking details that they know can be used to access the funds in their accounts,” said the ombud’s office.

    “The only time the bank will be held liable by the [ombud] is when the losses suffered by the customer were because of the bank’s negligence or wrongdoing.”

    That is rarely the case. In many current scams, fraudsters convince account-holders to hand one-time passwords (OTPs) over the phone, or via online forms, despite increasingly lurid warnings from banks, and an increasing number of “are you sure” checkboxes required to authorize payments.

    New research suggests a lack of technical knowledge is not the problem. Security company F-Secure this week released the results of an exercise that saw it target more than 80,000 people across four organizations with “commonly used phishing tactics”. It found that people in the IT and DevOps departments – which help guard against attacks and who are familiar with the risk of phishing – clicked on suspicious links as often, or even more so, than everyone else.

    IT employees were also terrible at reporting phishing attempts, ranking far below other departments in how suspicious they were.

Loading...

Written by Ph

Leave a Reply

Your email address will not be published.

CAPTCHA


FRIDAY BRIEFING | Under The Pump: Cricket’s Reckoning With Race And History

Charlize Theron Shares Rare Photo Of Daughters In Birthday Tribute To Her Mom