Sign in
Current scams

New scams continue to emerge – learn how to identify them.

Current scams hero banner

Latest Scams

It’s important to stay up to date with the latest scams to avoid compromising your banking and personal details.

What is the SIM Swop Scam?

In a SIM swop scam, fraudsters perform a SIM swop without your knowledge, allowing them to intercept your phone calls, SMSs and effectively taking over your phone number.

How it works:

  • The SIM swop usually takes place after fraudsters have received your Internet Banking sign-in details after you’ve responded to a vishing call or phishing email.
  • Once fraudsters have access to your cellphone number and personal details, they can pose as you and request the SIM card to be swopped from your network service provider.
  • This gives them access to your SMSs, OTPs, phone calls and other notifications.

How to identify it:

  • You are no longer receiving calls or messages on your cellphone.  
  • You don’t receive the OTP you requested.
  • Your cellphone has no signal in a regular network area.

What you can do:

  • If you lose cellphone connectivity for some time for no apparent reason or receive an SMS for a SIM swop or a number port you did not request, contact your service provider and our Fraud Line immediately on 0800 020 600.
  • Protect your personal information and limit the amount of personal information you share online.
  • Fraudsters might call you numerous times before doing a SIM swop in the hopes of frustrating you so that you turn your phone off. This enables them to do the SIM swop or number porting.
  • Inform the bank immediately if you change your cellphone number, as notifications will go to your cellphone number loaded on the banking system.
  • Check your bank statement on a regular basis to monitor possible unauthorised transactions.
What is the Money Mule or Mule Accounts Scam?

Money Mule or Mule Accounts is when criminals approach bank customers with requests to have funds paid into their accounts and often offer them a reward to use the account.

The money that is paid into the account is often the proceeds of another crime. The account holder can be charged with money laundering, even if it was unknown at the time that the money was proceeds of crime.

How to identify it:

  • Someone approaches you to use your account to receive monies for the sale of a vehicle/items to which you have no connection, with the promise of a reward or small payment.
  • You are approached to open up an account for an individual who does not have the legitimate documentation to open an account at a bank.

The consequences:

Allowing proceeds of crime to be laundered through your bank account, knowingly or unknowingly, is a criminal offence. Bank clients can be charged and convicted for money laundering and even receive a prison sentence.

What you can do:

  • Do not open a bank account in your name on behalf of another person, irrespective of the circumstances.
  • Do not allow your account to be used by another person to deposit or transact with, even if the person is known to you.
  • If you suspect that the money you are being paid with is the proceeds of crime, immediately report this matter to the police.
  • If you need further assistance, call our 24-hour fraud line on 0800 020 600.
What is the Investment Scam?

There are several investment scams that you may be exposed to. The most common scams include:

  • Pyramid schemes and Ponzi schemes
  • Pump-and-dump
  • Property scam

1. Pyramid schemes and Ponzi schemes

A pyramid scheme is a business model whereby you need to recruit other members into the business to receive payments or services. This type of investment promises big returns in a very short time.

In truth, the money that you receive for recruiting new members get paid as “dividends”, and it seems as though your money has grown; however, the business simply took someone else’s money and gave it to you.

How to identify it:

  • A fee or initial investment is required to join the scheme.
  • The scheme operator promises high returns over a short period.
  • You’re asked to recruit more investors to get more rewards.
  • Participants are sometimes taught how to avoid detection methods.
  • These schemes are often disguised as stokvels and may even use virtual currencies like Bitcoin.
  • You get incentivised according to your investment and categorised into a tier. For example, silver, gold and platinum membership.
  • Investors complain (usually on social media) that returns have dried up. The scheme operator typically shifts blame to the banks and promises that payments are imminent.
  • There is general secrecy e.g. you don’t know where the funds will be invested or in what. • You are requested to invest your pension fund or savings/capital.
  • These schemes operate on trust – and an invitation to invest often come from someone that you know.
  • User groups mainly use WhatsApp to communicate due to the belief that the app offers end-to-end encryption and, therefore, anonymity.

A Ponzi scheme is similar to a pyramid scheme; however, you don’t need to recruit new members. The person who sets up the business is responsible for recruiting new investors, who will bring money into the business as they join. When you are paid your return, you are being paid the money that the investors brought in, rather than profits from legitimate business activity. The business will close when there are not enough new members to keep paying the older members.

How to identify it:

  • The scheme operator promises high returns within a short period.
  • In some cases, the scheme operator will use fake qualifications or references to entice investors.  
  • High returns are paid initially so that investors are lured into investing more money.
  • The scheme operator often promises guaranteed returns.
  • The actual business model is usually secretive.
  • The scheme operator becomes unavailable and returns dry up. Usually, the scheme collapses soon thereafter.

2. Pump-and-dump

When a person purchases shares in a relatively unknown business at a low price, they spread fake news and information about the business to inflate the business’s value and make it look like an attractive investment opportunity. The investors will then buy these shares at a higher price as they believe they are buying shares from a good business. Once all these shares are bought, the person who started the scam, runs away with everyone’s money, and the investors are left with shares of no real value.

3. Property scam

A property scam is when someone tries to purchase a property that is not for sale or pretends that there is a property for sale when there isn’t. The scammer will then charge legal or admin fees to buyers and then runs off with the money.

How to identify it:

  • The “seller” of the property will not show you the property
  • The “seller” of the property pushes you to make fast decisions
  • The “seller” of the property requests that you pay certain fees before the sale can continue
  • The “buyer” offers you a very high price or the exact asking price for the property

What you can do:

If you are the victim of a scam you can report it to:

  • The South African Reserve Bank
  • The South African Financial Intelligence Centre
  • The Financial Sector Conduct Authority
What is the Instant Money Scam?

Fraudsters call customers and pretend to be from the bank to advise them that there’s fraud on their account. The customer is then requested to send an Instant Money voucher to themselves to stop the fraud. Upon receipt of the Instant Money voucher, the customer is asked to read back the voucher details and PIN to validate the transaction and confirm that it is successful.

How to identify it:

  • Fraudsters will call and pretend to be from the bank to assist with how to send Instant Money.
  • The call will have a sense of urgency to coach customers on how to reverse debit orders using the Instant Money option.
  • They will ask you to share your OTP (One-Time PIN) as part of an authentication process. No bank will ever ask you to do this.

What you can do:  

  • We will never ask you to send an Instant Money voucher to yourself.
  • We will never ask that you send vouchers to yourself for authentication.
  • We will never ask you to share your OTP with anyone.
  • Protect your personal information and don’t share it with anyone.
What is the UCount Scam?

Our UCount Rewards programme has become a target of phishing attacks.

In this scam, you might receive an email claiming to be from UCount and stating that your rewards are now ready to be redeemed. You are then requested to "click here" to redeem or validate your points.

How to identify it:

  • Check the style and format of the fake email and compare it to an original UCount email.
  • Check for alignment of all the banners, errors within the banner and overall alignment of the paragraphs.
  • Check for errors like “And” with a capital letter in the middle of two words.
  • When you hover over “click here”, the URL address is not linked to UCount.
  • The overall look and feel of the fake email are not aligned to the UCount Rewards look and feel.
  • Note: UCount does not make reference to cashback.

What you can do:  

  •  UCount will never email you links to redeem your rewards.
  • UCount will never request your bank sign-in details, including CVV, OTP or ATM PIN.
  • Please do not provide this information to anyone via email, SMS or telephonically.
  • If you receive an email claiming to be from UCount with an attachment or link to redeem your rewards, do not click on the link or open the attachment.
  • Hover over the link to confirm the email address or website is legitimate (check that the website is https and not http). If it is not from a website or email address that you know, delete the email immediately.
  • If you receive a suspicious email containing links, please forward it to [email protected] for shutdown
  • If you’re unsure of how to check your balance, refer to the Standard Bank App or check on your Internet Banking profile.  
  • If you need further assistance, call our 24-hour fraud line on 0800 020 600.
What is the Tax Season Scam?

Tax season usually means that phishing scams increase and then banks are being impersonated by fraudsters, advising customers to click on a link to download their IT3(b) Certificates for tax purposes.

How to identify it:

  • Check if the subject header and closing are aligned with the paragraph text.
  • All Standard Bank communication is personalised and will include your name.
  • Check for punctuation at the end of sentences.
  • Fraudsters will ask you to click on a malicious link.
  • Note the fake email address when you hover over the “link” or “click here”.
  • They will ask you to share your OTP. No bank will ever ask you to do this.
  • The message uses outdated branding with incorrect positioning.

What you can do:  

  • Remember, we will never send your income tax certificate via a link in an email.
  • We will never ask you to download your tax certificate, transfer UCount Rewards or share your OTP via an email link, SMS or phone.
  • If you receive an email claiming to be from Standard Bank with an attachment or link for your income tax certificate, do not click on the link or open the attachment and delete the email immediately.
  • Hover over the link to confirm the email address or website is legitimate (check that the website is https and not http), if it is not from a website or email address that you know, delete the email immediately.
  • If you receive a suspicious email containing links, please forward it to [email protected] for shutdown
  • If you need further assistance, call our 24-hour fraud line on 0800 020 600.
What happens if my phone gets stolen?

Your cellphone stores far more information than you may be aware of. A fraudster can access your personal and banking information on your stolen cellphone, which is why it is critical to remember the following:

  • Your phone is like a bank card - you need to keep it safe
  • Immediately de-link your stolen device from your digital banking profile or contact us on 0800 222 050 (South Africa) or +27 10 249 0015 (International)
  • Never save passwords on your devices
  • Always be vigilant when using your phone in public  

How to block your device on the Banking App when your phone gets stolen:  

  • Sign into your Banking App on an alternative device.
  • Tap on “More”.
  • Select “Settings”.
  • Scroll down to “Devices”, then tap on “Unlink” next to the stolen device name to de-link the Banking App from your stolen phone.  

How to de-link your Internet Banking profile when your phone gets stolen:  

  • Sign into your Internet Banking profile on an alternative device.
  • Go to your homepage and select “More”.
  • Select “Settings”.
  • Scroll down to the “Devices”. The device you’re currently using and which your app is linked to will be highlighted in bold. Select “Unlink” to remove the app from the device.
  • Click on “Unlink” to continue or “Back” to exit.  

What strong authenticators can I set up on my Banking App?

Ensure your sign-in credentials on your Standard Bank App are at maximum security by setting up one of the following strong authenticators: 

  • Digit app code
  • Your fingerprint 
  • Face-ID to sign into your Banking App when using a smartphone  

How do I activate strong authenticators on my Banking App?

  • Sign into your Banking App
  • Tap “More” and then click on “Settings” 
  • Select “Sign-in preferences”
  • Add your preferred sign-in method
Spotting a fake Standard Bank email

Fraudsters are sending phishing emails in an attempt to lure you into sharing your banking details. Beware of fake eStatements or bank notifications that require you to take an action like a click-through or attachment to download.

How to tell the difference between a fake Standard bank email from a real one:

  • We will never greet you by your email address. We always use your name.
  • We will never ask you to confirm personal or financial information in an email.
  • Always verify emails telling you about suspicious account activity by calling your bank.
  • Scam emails often look odd, with a messy layout and spelling mistakes.
  • We will never ask you to enter your email address and Internet Banking password to open a statement; eStatements only require you to enter your ID number.
  • We will never link you directly to our Internet Banking sign-in page or any other page that asks for your security or personal details via a link or attachment.
  • We will never email you links requesting your bank sign-in details, such as CVV, OTP or ATM PIN.

How to protect yourself from this type of fraud:

  • Ensure that you use anti-virus software to protect your PC, laptop and mobile devices.
  • Hover over links to check the senders’ identity but do not click.
  • Look for strange links with numbers, hyphens, misspellings or sub-directories.
  • Search for the sender details and verify that they are legitimate.
  • Beware of unexpected emails - Be cautious of opening any emails that you weren’t expecting (even if you think you recognise the sender), and don’t open any links or HTML attachments.

What you can do:

  • Even if you’re unsure, you can send any suspicious e-mails to [email protected]
  • If you are worried that you’ve clicked on any of the links or attachments on a phishing email, contact our Fraud Line immediately on 0800 020 600
  • Delete these emails from your mailbox as soon as possible

View phishing sample emails to learn more.

Business email interception and change of banking details

In this scam, fraudsters intercept client communication i.e. with their lawyers or a similar trusted entity (usually in conveyancing and property transactions). The scam exists to trick recipients into making payments into the wrong bank account.

How it works:

  • The scammers intercept email communications from attorneys or similar service providers.
  • They then copy the letterhead and format of this company and fabricate the email address so that it looks familiar to clients.
  • The fraudulent email will inform clients of a change of banking details and instruct them to make future (or immediate) payments into this new account.
  • This scam has led to great frustration and strained business relationships.

How to identify it:

  • Watch out for uncommon or new elements in your regular business email communications, such as missing letterheads, signatures, etc.
  • Always compare the email address that you have received the information from with previous communications.
  • Confirm banking details telephonically (and be sure to phone the number you know, not the one on the email).
  • Legal firms should inform their clients of this scam and assure them that business banking details will not change.
  • Legal firms must also be on the lookout for strange or uncommon activity on their email servers, including large quantities of mails in their sent items, complaints about spam from their company and high bounce rates on outgoing mail.
View all types of scams
View all types of scams

Stay informed on all types of scams and how to avoid them.