Category Fraud/Crime

Forget inflation – fraudsters are after your cash too!

03 December 2007 Gareth Stokes

Does the following email excerpt look familiar to you?

“Dear ABC Bank Online Account Holder,

“Due to multiple login attempt error while login in to your online ABC Bank account We have believed that someone other than you are trying to access your account.

“For security reasons, we have temporarily suspend your account and your access to online banking will be restricted if you fail to re-confirm your membership details.

“Confirm your ABC Bank Online Account now to enjoy the benefits of online banking and finance and to avoid fraudulent activities on your account.”

We would be very surprised if any of you answered “no”. The reason is that in today’s online world, anyone with an email address can fall prey to technology savvy fraudsters. And one of their major focus areas is the world of online banking. They use techniques known as ‘phishing’ and ‘spoofing’ in an attempt to get information which they use to compromise your Internet bank account and steal money right from under your eyes.

Usernames and passwords are the holy grail of computer crime

Forget the computer geeks and hackers romanticised in modern cinema. The people trying to steal funds from your online bank accounts are not super-smart computer nerds. They don’t need an intimate knowledge of secure socket layering and 128-Kilobyte encryption in order to hack your bank’s computer system. Instead they rely on you to supply them with your login details. They simply steal your ‘key’ and gain access through the front door.

Criminals set up an exact replica of your bank website. If you follow the link provided with the above email you are led to a dummy site which is of such quality you would hardly notice the difference. And it is then that you unknowingly provide an Internet fraudster with all the details they need to gain access to your online bank account.

Banks have been warning clients for months that they will never request logon details by way of an email. And they have repeatedly warned clients not to supply personal details in this way. This means you should be extra vigilant – because we are fast approaching a time where banks will be less accommodating should you become a victim of computer fraud. We have already noticed a number of banks requesting you read and accept disclaimers on this issue.

Ways to prevent online fraud

There are a number of precautions you can take to ensure you don’t become a victim of this type of scam. Top of the list is to protect your usernames and passwords at all times. Never save your passwords on your PC and make sure they have been carefully chosen, avoiding personal facts like pet’s names and birthdates.

As a rule, never provide your usernames or passwords to anyone. This includes responding to emails that request you to update information – even if they appear to be from the bank. If you are in doubt, telephone your bank’s support desk. But the rule is NEVER supply your username and password unless you are logging in to the bank’s website. A good way to ensure you are always at the bank’s website is to type the web address into your browser rather than following the link from a dodgy email.

And obviously use as much of the technology available to ensure you don’t fall victim. Most banks offer some form of validation system whereby additional key-codes are sent to your cell phone when transaction with ‘cash’ implications take place. You can then contact the bank should you become aware of any attempt to (for example) add a beneficiary on your account without your knowledge.

Conventional scams still rife

Unfortunately the focus on prevention of online fraud has diverted attention from the everyday fraud and theft that plague local business. The classic “over-deposit refund scam” is still doing the rounds. Fraudsters use a combination of tactics to steal funds using this technique. They gain the victim’s trust by pretending to be a potential client or a company with which the victim often does business.

The latest instance involves fraudsters who claim to be from Eskom and Telkom. They contact you to advise that a certain client has paid funds into your bank account in error – and demand that you refund the amounts. Of course you immediately check your bank account to determine that there has indeed been an incorrect ‘deposit’. We have heard from some near victims that the fraudsters become extremely aggressive in demanding the refund, often phoning two or three times a day to find out when you will process it. Whatever you do, hold on to these funds until they clear in your account.

If you refund the amount immediately you will soon receive a call from your bank advising that the deposit reflecting on your account has been reversed and that the cheque used to make the deposit was ‘stolen’. So whether you bank online or conventional methods are sure to act with proper care. There are thousands out there with a mind to get hold of your hard earned cash.

Editor’s thoughts:
Cheque fraud used to be the number one concern of private bank users. There was (and still is) a high risk of parting with goods in return for a stolen cheque. Cheques have been so compromised that many companies simply refuse to accept them as payment. Today it seems Internet transactions are being targeted. It starts with a compromised bank account; but will soon have to include ways to ‘use’ the stolen cash. Has your Internet bank account ever been compromised? Add your comments below, or send them to


Added by Riaan, 03 Dec 2007
Hi Gareth, I think it is great that you keep your readers informed of the type of scams out there. Please allow me to share one or two more things with regards to doing online banking: 1. Always ensure that the URL in the address bar is in fact your bank's URL. Fraudsters find it very difficult to get this right. 2. Secondly, when you do online banking (or purchasing) it always happen through SSL (secure socket layer) as you correctly mentioned. a Qiuck way to determine of you are on a secure site is to check the URL. It will start with https:... Please note the "s", as this indicates "secure". Your browser should also display an image of a lock somewhere, which indicates that you are on a secure site. Keep up the great work and a happy holiday season to you all!
Report Abuse

Comment on this post

Email Address*
Security Check *
Quick Polls


The shocking crime and motor vehicle accident statistics shared during a recent SHA presentation suggests that group personal accident and personal accident cover are a no-brainer. Do you agree?


Not sure
fanews magazine
FAnews April 2024 Get the latest issue of FAnews

This month's headlines

FAIS Ombud lashes broker for multiple compliance blunders
TCF… a regulatory misfit initiative?
The impact of NHI on medical malpractice insurance
Fixed versus variable: can you have your cake and eat it too?
The future world of work
Subscribe now