Fraudsters and scammers are always looking for a way to make money quickly – and that often involves targeting you for your information and money. Online shopping has become the norm for many South Africans over the past two years - and fraudsters have taken notice.
Judy Winn, Peach Payments Head of Information Security, shares her tips for consumers on how to stay safe ahead of the Easter holiday season, and all year round.
Public WiFi hotspots – be wary of performing online banking, or any other sensitive online activities over public WiFi hotspots. Fraudsters can set up fake, and enticing hotspots to get you to connect to their shared WiFi, often by mimicking the names of the restaurants or shops in the vicinity. Anything you do on the internet will be visible to them (including your online banking username and password) as they are sitting between you and the internet. If you are out and about, and need to access your online banking, rather use your mobile data. Even better, many banks have made their banking applications zero-data accessible.
Virtual Cards – many banks nowadays offer an option known as a virtual card. As opposed to using your physical card details online, you can make a once-off use card for a specific purchase. You also have the option to add a specific amount of money to the card, which significantly reduces the risk of monetary loss should the card details be compromised.
How to tell if a website is legitimate? This one can be quite tricky, as some fraudsters can make very convincing website lookalikes, as well as seemingly valid stores. One way to check the legitimacy of an online company is researching their reputation.
Try to answer questions such as: Do they have any reviews that you can find on Google or sites like Hellopeter? Do they use a reputable payment gateway? Were the reviews generally good, or mostly complaints? Has the organisation responded to any feedback? Do they have an active social media presence? Does the company provide a way of contacting them? Does the deal they are offering seem too good to be true?
If you can’t get concrete and comforting answers from doing research to answer these questions, then rather err on the side of caution and don’t use the site. See if you can find a trusted, alternate site that is selling the same product you want.
Suspicious phone calls – sometimes fraudsters will phone you and pose as the fraud department of your bank. They often claim to have detected fraudulent transactions on your card and then try to trick you into providing various types of sensitive information, including your residential address, for delivery of the “new” card. If you get someone alleging to be from the bank calling you about fraudulent transactions on your account, don't give them any details. Rather end the call and instead phone your bank's fraud department directly from their listed number and make enquiries with them. Log into your online banking securely to check your account to verify the claims made.
Secure Connection (Website lock) - The little lock that you see to the left of a website address essentially means that the information you enter on the website will be sent in an encrypted format – meaning that no one else can read the information you have entered while it is in transit.
Phishing & smishing – be extra aware of possible phishing attacks and other scams that can be delivered by email or SMS. These messages generally invoke some type of emotional response, to get you to let down your guard. It is normally something that involves a panic response – such as “your account password has been compromised, login here to reset your password”. To stay safe, never enter any sensitive information (including your banking credentials) in a link that you opened via email or SMS. Never call numbers provided in SMS or emails – rather Google the official numbers of your bank or organisation, from their official website. Never disclose your online banking OTP to anyone either. Ever. Your bank will never ask for it and if you are asked for it you should immediately be suspicious.
Selling something and receiving EFT payment – if you want to sell something of yours through advertising online, be cautious when accepting EFT payments. Ensure that you have definitively received payment and that the money reflects in your account, before sending or making the product available for collection.
Waiting a day or two to be sure the money has come through can be a safe bet – this is important if someone uses a deposit via a fake cheque, that later bounces. Cheque fraud has been reduced, with many banks discontinuing physical cheques, but it can still happen. If in doubt, rather call your bank to verify funds. If the person becomes very aggressive or threatening, they are likely trying to scam you.
Scammers will also send fake Proof of Payment documents or messages so it is safer to ensure the funds are received first before handing over goods. In addition, never allow strangers to collect goods from your residence - this discloses your address. Rather arrange to have the product couriered, or collected in a public place.