Scammers are now jumping on the opportunity created by the proposed 0.5% VAT increase to steal consumers’ details.
South Africans are warned to watch out for a new scam where the crooks send out a notification that VAT on their premiums will increase, with a few links to click on for more information. However, instead of getting information, the scammers steal your information.
TymeBank is cautioning consumers about scammers using notifications about the VAT increase which is expected to come into effect on 1 May as bait to trick them into parting with their confidential information, such as ID numbers and banking details.
George Wandsella, head of operational risk and fraud at TymeBank, says it is not only banking customers who are targeted. “Anyone who has an account or subscription where VAT is payable, whether it is a mobile service provider, retailer or healthcare service provider is at risk.”
The fake notifications are designed to create a sense of legitimacy and urgency, urging users to click on links to “learn more”, “see updated charges/fees” or “verify their accounts”.
This is an example of a notification sent pretending to be from Standard Bank:
ALSO READ: How to spot the signs and avoid falling victim to online scams
VAT scam: Do not click on any link
Wandsella says these links typically lead to phishing sites created to steal consumers’ login credentials. He warns this latest trend highlights the growing threat of opportunistic cybercrime, with scammers also taking advantage of certain times of the year, such as holidays and tax filing seasons.
“TymeBank has zero tolerance for fraud and we are unwavering in our commitment to protect our customers. We urge them to be cautious and to stop and think before they click,” Wandsella says.
Phishing and vishing are cybercrime tactics where attackers impersonate legitimate institutions, such as banks, in an attempt to trick individuals into revealing personal or financial details, including passwords, card numbers, or one-time passwords (OTPs).
The scammers often use emails, text messages or fake websites made to resemble genuine services.
ALSO READ: Consumer scammed out of R6 million while ‘trading’ on JSE
How to protect yourself from these scammers
Wandsella says consumers can protect themselves from VAT scams and other scams by using these essential security practices:
- Verify all communication: Never share your personal passwords, PINs or OTPs. Reputable banks will never request this information via phone, email, or SMS.
- Activate multiple authentication factors: Use biometric authentication, such as fingerprint or facial recognition, on your banking app to enhance your account security.
- Watch out for SIM swap fraud: Pay attention to unexpected loss of your mobile signal, SMS delivery issues, or unfamiliar SIM notifications as these may indicate a SIM swap. Contact your mobile provider immediately and notify your bank.
- Verify unexpected callers: Even if the caller ID appears to show your bank’s number, remain cautious. Scammers can spoof numbers to look legitimate. Hang up and call the bank using its verified contact details.
- Maintain the security of your devices: Keep your smartphone’s operating system and banking app updated to the latest version to benefit from security enhancements.
- Monitor your accounts: Check your transactions regularly and enable real-time notifications to spot any unusual activity quickly.
- End suspicious interactions immediately: If you receive a suspicious or high-pressure call, SMS, or email, end the interaction immediately and report it to your bank directly.
- Be wary of urgency tactics: Scammers often create a false sense of urgency. Always take time to verify requests, no matter how urgent they seem.
