
Guard your personal information with your life

25 January 2011 Gareth Stokes
Gareth Stokes, FAnews Online Editor

There’s a reason I shred all of my personal documents before disposing of them. Your personal information is valuable in the wrong hands. Imagine, for example, you toss out a credit card or bank statement which subsequently falls into the wrong hands. Suddenly a criminal has personal details including your name, address, bank or credit card account number and details of individual transactions. In a couple of minutes they’ve gathered the same data all those Internet con-artists are “phishing” for.

I’ve discussed the growing “phishing” phenomenon in previous newsletters; but after watching a Carte Blanche exposé on Sunday night I couldn’t resist revisiting the topic. Phishing is an act perpetrated by a fraudster who sends an email claiming to be from a recognised organisation (your bank, SARS, etc.) to mislead you into revealing sensitive personal information. And these cyber criminals are getting smarter by the minute, luring unsuspecting Internet users into their web – and fleecing them of thousands of rand at a time. What makes matters worse is these crooks are virtually impossible to track down!

Two “phishing” attacks in one day

There are so many of these attacks I don’t even have to trawl through my deleted items to find examples anymore. I received two questionable emails in my mailbox this morning. Here’s the first...

Hello,

James Du Plesis made an electronic funds transfer to your account. The details of this transaction are shown below.

Amount: R39 470.00

Description: PAYMENT

Reference #: TL55

To view the transaction, please https://www.nedbank.co.za

If you have any questions related to this message or the funds transfer, please contact James Du Plesis.

Please do not reply to this message as your message will not go anywhere.

Sincerely,

Nedbank

In my case there were two dead giveaways this was a “phishing” email. The first was that I don’t have a Nedbank account – the second that I don’t use the address the email was sent to. The attempt was wasted on me; but the fraudster doesn’t care, because they’ve sent this message to thousands of unsuspecting individuals. Here’s what they hope happens.

They hope you have an account with Nedbank. And they hope they “catch” you when your guard is down. They rely on your inquisitive nature to hook you and reel you in. “Oh, look,” you might exclaim, “someone’s paid money into my account. Who is this James du Plesis? I better log in and take a look!” And you inevitably follow the convenient hyperlink they’ve embedded in the email. Problem is – instead of taking you to the Nedbank website they redirect you to an exact replica of the site, in this case hosted at the very non-bank URL: http://xxteur-xx-site-internet-design.xx/sys/ nexx/index.xxx (I’ve altered the hyperlink slightly so don’t bother typing it into your browser). You end up inadvertently entering bank account numbers and passwords – which the fraudster uses to clear out your accounts!

Getting taxed twice

The second email I received this morning masqueraded as a tax refund from the organisation each of us loves to hate – SARS… Here’s how this phishing attack was worded:

Dear Customer

An EMP Statement of Account for the Tax payer Attached has been issued by SARS.

Please DOWNLOAD & log into the SARS eFiling system and navigate to the First National Bank to submit your complete information to process your R2,290.00 Tax refunds Today ,The EMP Statement 201 Work Page will appear once you have submit your Bank Information to process your Refunds.

EMPSA for Period 2010/03/01 - 2011/01/31

If you have any queries please contact our helpdesk on 0800 00 SARS (7277)

Best Regards

The SARS eFiling Team

http://www.sarsefiling.co.za

This attack was a lot cleverer than the first! It looks credible, with the kind of language you’d expect from the revenue collection services. And the “phisher” uses an actual SARS eFiling link in the body of the email. Apart from the nonsensical refund promise there were two warning signs in this email. The “from” field showed the sender as gxxx@welong.com – and they expected you to follow an HTML attachment to process the refund. I’m pretty security conscious so I didn’t click on the attachment – but I’m sure it would have taken you to a cloned SARS website where all manner of personal info would be requested.
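An added example, not part of the original article: the warning signs from the two emails above (a sender domain that is not the claimed organisation, an HTML attachment, and link text that shows one site while the link points to another) written as a mail-triage check. The function names, indicator labels, sample message and `.example` hosts are constructed for illustration; hosts are compared exactly, so `www.` and bare domains count as different.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed message with all three warning signs; .example hosts are placeholders.
SAMPLE = """\
From: refunds@mailer.example
Content-Type: multipart/mixed; boundary=b

--b
Content-Type: text/html

<a href="http://clone.example/sys/index">https://www.sarsefiling.co.za</a>
--b
Content-Type: text/html
Content-Disposition: attachment; filename=statement.html

<form></form>
--b--
"""

# Matches <a ... href="target">visible text</a>. Adequate for triage of well-formed
# anchors; badly malformed HTML needs a real parser.
ANCHOR = re.compile(r"""<a\b[^>]*?\bhref\s*=\s*["']?([^"'\s>]+)[^>]*>(.*?)</a>""", re.I | re.S)

def host(url):
    """Lower-cased hostname of a URL written with or without a scheme."""
    return (urlparse(url if "://" in url else "//" + url).hostname or "").lower()

def phishing_indicators(raw, expected_domain):
    """Return the warning signs from the article that one raw message shows."""
    msg, found = message_from_string(raw), set()
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if not ("." + sender).endswith("." + expected_domain):
        found.add("sender-domain-mismatch")   # From: is not the claimed organisation
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        if part.get_content_disposition() == "attachment":
            found.add("html-attachment")      # form shipped as a file, not hosted
        html = part.get_payload(decode=True).decode("utf-8", "replace")
        for href, inner in ANCHOR.findall(html):
            shown = (re.sub(r"<[^>]+>", " ", inner).split() or [""])[0].lower()
            if shown.startswith(("http://", "https://", "www.")) and host(shown) != host(href):
                found.add("link-text-mismatch")   # visible URL differs from target
    return sorted(found)
```

Calling `phishing_indicators(SAMPLE, "sarsefiling.co.za")` returns all three labels; a message sent from the expected domain whose link text matches its target returns an empty list.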

Follow these rules and you should never fall victim to a phishing scam

1. Never give your personal details to anyone unless you are 100% sure who they are.

2. Never engage in conversation (by telephone or by return email) with someone who has sent you an unsolicited email.

3. Never provide your personal details – especially your bank PIN number or password – to anyone.

4. Never log in to your bank account by following a link in an email. ALWAYS type the bank’s website address in your browser yourself.

5. If you receive a suspicious email, or suspect your account has been compromised, telephone your bank’s support immediately (you can also email examples of phishing emails to the accompanying email addresses):

Standard Bank: phishing@standardbank.##.za – or telephone 0800 02 600

Absa Bank: absa@absa.##.za – or telephone 0860 557 557

First National Bank: risk.online@fnb.##.za – or telephone 011 632 2226

Nedbank: phishing@nedbank.##.za – or telephone 0860 115 060

Editor’s thoughts: It’s easier than you think to fall victim to online fraud. To avoid suffering unnecessary loss you should protect your private information, refrain from using public computers for personal banking and maintain your computer’s anti-virus software. But most importantly, remain vigilant at all times. Have you been the victim of an online “phishing” attack? What part of the communication caused you to follow the link? Add your comment below, or send it to gareth@fanews.co.za

Comments

Added by Kevin, 25 Jan 2011
Also be aware of even the bank's web sites. Someone hijacked Standard Bank's web site last week and, if you logged in, who knows what could have happened. Fortunately the phishers made a few errors which made it a bit suspicious. Standard acted on it very quickly.
Added by N/A, 25 Jan 2011
Any mail that starts "Dear Customer", I reject immediately. Any supplier of mine knows who I am and will address me by name. They also know what sex I am and will not address me as "Dear Sir/Madam" - kill immediately. If this rule is followed, you will not be caught.
Added by John, 25 Jan 2011
The Nedbank one is actually very clever. The truth being that their website is actually Netbank with a T instead of the D. So typing in Nedbank.co.za would look real and authentic.