Stay alert. Stay informed. Protect your finances against fraud. As technology advances, so do fraud tactics. The security of your story is our top priority. Fraud Hotline: 0800 205 055 cibfraud@absa.africa Absa | Corporate and Investment Banking > Don’t become a victim Keep your accounts safe When it comes to fraud, prevention is always better than cure. The best way to prevent fraudulent activity is to educate yourself on the various tactics that cyber criminals use to get access to you and your personal information. As a trusted financial services provider, your security is as important to us as it is to you. Here, we hope to give you an in-depth understanding of digital fraud, so you can take the necessary steps to keep your finances safe. Types of Fraud Social Engineering Attacks Malware and Cyber Attacks Fraud Scams Advanced Fraud Techniques Financial Document Fraud Social Engineering Attacks Social Engineering Social engineering aims to manipulate, influence or deceive victims to gain access to their devices and thus steal personal and/or financial information. Phishing Phishing refers to the practice of sending emails or alternative forms of communication, purporting to be a reputable company or organisation to retrieve sensitive information. Spear phishing Spear phishing is a more sophisticated form of phishing in which criminals target specific individuals or organisations, seeking unauthorised access to private information. Vishing Short for voice phishing, vishing is when scammers use phone calls to pose as a representative from a legitimate company and request sensitive information like login credentials, credit card numbers or bank details. Smishing SMS phishing or smishing is the committing of fraud by using SMSs to persuade victims to reveal personal information or visit spoof websites. Quishing QR phishing has become a popular tactic in our digital world. Scam QR codes that lead to fraudulent websites or harmful content are embedded in emails or even public spaces. Malware and Cyber Attacks Baiting Baiting is a form of social engineering that uses tempting offers to exploit victims’ curiosity, tricking them into revealing login credentials and giving scammers unauthorised access to systems, thus enabling fraud. Pretexting Pretexting is when cybercriminals impersonate trusted authorities, such as bank representatives or IT support, to gain access to sensitive information and cause financial harm. Pharming Pharming redirects users from legitimate websites to fraudulent ones, intercepting login attempts and leading to unauthorised access, identity theft and fraud. Trojan A Trojan is a computer virus that is often disguised as a trusted email attachment. It installs malware that steals login details and facilitates fraudulent payments without the user’s knowledge. Key logger A key logger is malware that records keystrokes, often installed via email or downloads, allowing cybercriminals to capture and exploit sensitive information. Spyware Spyware is malicious software that secretly collects sensitive data from a business’s computer, enabling fraudsters to access bank accounts and perform unauthorised transactions. Fraud Scams Fraud scams Fraud involving a change of account details uses fake attachments to notify victims of account or banking changes, tricking them into believing the notification is for legitimate business purposes. Internal fraud Internal fraud occurs when employees abuse their position of trust and authority for personal gain. They then commit fraudulent or deceptive actions against clients or the business. Business email compromise Business email compromise (BEC) is a type of cybercrime through which criminals illegally access an email account and communicate as if they are the actual user. It’s a sophisticated scam targeting both businesses and individuals who perform transactions. Deposit and refund scams Fraudsters commit deposit and refund scams by placing orders with fake proofs of payment. They then request false cancellations and refunds before the funds have cleared. Advance fee fraud Criminals advertise goods or services at artificial below-market prices while pressuring victims for upfront payment. Once received, they either vanish or extort additional funds. Invoice fraud Invoice fraud occurs when criminals impersonate suppliers to submit fake invoices with false account details, which aims to misdirect payments. Advanced Fraud Techniques Remote desktop protocol attacks Remote desktop protocol attacks exploit security weaknesses to gain remote access to users’ computers. They pose a major threat, including potential abuse by internal technical support staff. Deepfake attacks Deepfake technology enables criminals to impersonate individuals by using artificial intelligence (AI) to mimic voices and bypass voice recognition security. These attacks highlight the need for multi-layered protection. Financial Document Fraud Incorrect and fraudulent bills of lading Fraudsters forge trade documents like bills of lading to steal cargo. They pose as the consignee or falsify delivery rights to claim goods illegally. Fraudulent guarantees Fraudulent guarantees misrepresent financial strength, collateral or creditworthiness to deceive banks or institutions into approving unauthorised financing or transactions Letters of credit A letter of credit is a bank-issued financial instrument. It serves as a guarantee of payment from the buyer to the seller, provided that the terms and conditions of the letter of credit are met. Learn more about fraud in our financial security articles While fraud is a complex issue, fraud prevention is not. Equip yourself with useful information to ensure your financial security. Social engineering: How attackers manipulate Social engineering involves tactics used by cyber criminals to trick individuals into revealing sensitive information or performing actions that lead to account takeovers or identity fraud. Learn how these manipulative techniques work and how to protect yourself. Phishing: Don’t take the bait Phishing is a deceptive tactic where attackers impersonate trusted entities to steal personal information like passwords or financial details. Stay vigilant against fraudulent emails and messages designed to trick you into giving up sensitive data. Spear phishing: Targeted attacks on your inbox Spear phishing is a more personalised form of phishing, where attackers craft convincing messages aimed directly at you. These attacks are designed to steal sensitive information by pretending to be someone you know or trust. Learn how to spot and avoid these targeted scams. If you suspect fraudulent activity on your accounts, contact our team of experts: Fraud Hotline: 0800 205 055 Fraud Department email: cibfraud@absa.africa To assist us in investigating any fraud reports, please provide the following: SAPS case number, e.g. Johannesburg SAPS case: 535/09/2016 Affidavit Any relevant information you may have, such as: The email purporting to be about an account detail change; Documents purporting to be about an account detail change; and Communications, internet pages or links received relating to account detail changes.
