It’s important to stay up to date with the latest scams to avoid compromising your banking and personal details.
Fraudsters are sending phishing emails in an attempt to lure you into sharing your banking details. Beware of fake eStatements or bank notifications that require you to take an action like a click-through or attachment to download.
How to tell the difference between a fake Standard bank email from a real one:
- We will never greet you by your email address. We always use your name.
- We will never ask you to confirm personal or financial information in an email.
- Always verify emails telling you about suspicious account activity by calling your bank.
- Scam emails often look odd, with a messy layout and spelling mistakes.
- We will never ask you to enter your email address and Internet Banking password to open a statement; eStatements only require you to enter your ID number.
- We will never link you directly to our Internet Banking sign-in page or any other page that asks for your security or personal details via a link or attachment.
- We will never email you links requesting your bank sign-in details, such as CVV, OTP or ATM PIN.
How to protect yourself from this type of fraud:
- Ensure that you use anti-virus software to protect your PC, laptop and mobile devices.
- Hover over links to check the senders’ identity but do not click.
- Look for strange links with numbers, hyphens, misspellings or sub-directories.
- Search for the sender details and verify that they are legitimate.
- Beware of unexpected emails - Be cautious of opening any emails that you weren’t expecting (even if you think you recognise the sender), and don’t open any links or HTML attachments.
What you can do:
- Even if you’re unsure, you can send any suspicious e-mails to [email protected]
- If you are worried that you’ve clicked on any of the links or attachments on a phishing email, contact our Fraud Line immediately on 0800 020 600
- Delete these emails from your mailbox as soon as possible
View phishing sample emails to learn more.
In this scam, fraudsters intercept client communication i.e. with their lawyers or a similar trusted entity (usually in conveyancing and property transactions). The scam exists to trick recipients into making payments into the wrong bank account.
How it works:
- The scammers intercept email communications from attorneys or similar service providers.
- They then copy the letterhead and format of this company and fabricate the email address so that it looks familiar to clients.
- The fraudulent email will inform clients of a change of banking details and instruct them to make future (or immediate) payments into this new account.
- This scam has led to great frustration and strained business relationships.
How to identify it:
- Watch out for uncommon or new elements in your regular business email communications, such as missing letterheads, signatures, etc.
- Always compare the email address that you have received the information from with previous communications.
- Confirm banking details telephonically (and be sure to phone the number you know, not the one on the email).
- Legal firms should inform their clients of this scam and assure them that business banking details will not change.
- Legal firms must also be on the lookout for strange or uncommon activity on their email servers, including large quantities of mails in their sent items, complaints about spam from their company and high bounce rates on outgoing mail.
Your cellphone stores far more information than you may be aware of. A fraudster can access your personal and banking information on your stolen cellphone, which is why it is critical to remember the following:
- Your phone is like a bank card - you need to keep it safe
- Immediately de-link your stolen device from your digital banking profile or contact us on 0800 222 050 (South Africa) or +27 10 249 0015 (International)
- Never save passwords on your devices
- Always be vigilant when using your phone in public
How to block your device on the Banking App when your phone gets stolen:
- Sign into your Banking App on an alternative device.
- Tap on “More”.
- Select “Settings”.
- Scroll down to “Devices”, then tap on “Unlink” next to the stolen device name to de-link the Banking App from your stolen phone.
How to de-link your Internet Banking profile when your phone gets stolen:
- Sign into your Internet Banking profile on an alternative device.
- Go to your homepage and select “More”.
- Select “Settings”.
- Scroll down to the “Devices”. The device you’re currently using and which your app is linked to will be highlighted in bold. Select “Unlink” to remove the app from the device.
- Click on “Unlink” to continue or “Back” to exit.
What strong authenticators can I set up on my Banking App?
Ensure your sign-in credentials on your Standard Bank App are at maximum security by setting up one of the following strong authenticators:
- Digit app code
- Your fingerprint
- Face-ID to sign into your Banking App when using a smartphone
How do I activate strong authenticators on my Banking App?
- Sign into your Banking App
- Tap “More” and then click on “Settings”
- Select “Sign-in preferences”
- Add your preferred sign-in method