Safety Tips for Holiday Season

2017-12-07 00:00:00.0

The safety and privacy of your personal information and banking details are very important to us. The more knowledge and protection you have, the safer your information and accounts will be. Let us help you stay informed and be aware of common fraudulent behaviours.

HOW TO PROTECT YOURSELF

  • Always be alert: scammers are well known for luring their victims into believing they are from recognised institutions, such as Standard Bank. Do not share any personal information or account details via email or telephonically.
  • Do not click on attachments, hyperlinks or icons in unsolicited emails: Even if they appear to be from Standard Bank. Delete the email immediately and visit your nearest branch, or call us directly to verify the email and information that you have received.
  • Never share personal or confidential details: Do not disclose any personal or account details via email or telephonically, regardless of the information they might have on you.
  • Keep an eye out for spoofed websites: Remember to always type the URL yourself in the internet browser to access the webpage, rather than clicking given hyperlinks.
  • Report suspected fraud: if you think you have received a scam, or been victim to a scam, it is best to stop all forms of communication and report the incident immediately.

Here are a few more ways to keep your banking details protected:

Create a strong password

  • Use unique passwords for each of your important accounts
  • Using the same password across your various accounts is risky. If someone figures out your password for one account, he or she has access to all of your other accounts, including personal details and confidential information.
  • Include a combination of letters (capital and lowercase), numbers and special characters
  • Make sure your password contains at least eight characters
  • Your password should not be obvious so don’t use personal information such as, your name, your family’s names, where you live, birthdate etc. Don’t use simple words or phrases, such as ‘password’, or keyword patterns such as ‘qwerty’. This will only make your password easier to guess.
  • Change your password regularly
  • Your password is the key to your bank account and should be changed at regular intervals. We recommend changing your password every 30 days


Card & Pin Protection
Never disclose your Card number, customer selected PIN number, banking username, password or ATM PIN to anyone. 

Scams
A scam is any fraudulent business or deceitful scheme performed by a dishonest individual, group or company attempting to take money or something of value from an innocent, and often unsuspecting, individual. Since the rise of the internet, new forms of online scams have emerged, and fraudulent behaviour has since increased. Ultimately, it is up to us to stay informed about common scamming activities and be aware and cautious when active and using confidential information online.

What does a scam look like?
Scams come in many shapes and forms—an email, SMS, phone call or malware—and anyone can be victim to one. Scams often ask for your personal details and confidential information and this is the first step to knowing what to look out for.

It could be a scam if:
• The information presented to you sounds too good to be true.
• The offer, prize or communication has come out of the blue and you have not entered the competition or applied for the information that is being spoken of

The message requires a very quick response time to clarify your information or win the prize. This puts you under pressure and doesn’t give you much time to think about the validity of the information or talk to people you trust about the situation.
• You receive the information via a free email, for example, Hotmail, Aim, Yahoo or Gmail.
• You are promised large sums of money for very little, or no effort on your part.
• You are requested to provide money upfront, for whatever reason, before the proposed transaction can take place.
• You are requested to confirm personal or account details via a hyperlink, icon or attachment in an email or telephonically.

Types of scams:
Holiday scam
A holiday scam seeks to exploit potential holiday makers by falsely advertising ideal holiday packages, accommodation or timeshare on the internet via legitimate-looking, professional classified adverts or websites.

You come across a website or are sent an email promoting an incredible holiday package. The deal is only running for a couple hours, so before time runs out, you quickly purchase the accommodation package through the website, which you believe to be genuine, using your credit card details. The purchase goes through; however, you never receive the package you paid for. The website, and deal, was fake. The holiday scammers now have access not only to your funds but also to your bank account details, which they can use fraudulently.

How to identify a holiday scam

  • If the holiday package sounds too good to be true, it most probably is.
  • You come across the accommodation deal on a website you do not recognise or are sent the promotion via an unsolicited email.
  • The URL begins with ‘http’ not ‘https’.
  • There is a sense of urgency with the holiday deal: you only have five hours left before the deal closes, or there are only two packages left. This doesn’t give you much time to think about the situation at hand or talk to the people you trust.
  • You are encouraged to disclose personal information quickly online.
  • In the email you receive, you are required to click on the hyperlink, attachment or icon to view and pay for the holiday package.
  • You are unable to contact a reputable agency to confirm the holiday package. The contact details include foreign phone numbers, or the owner / property manager is not responding to emails.


Online Shopping
Online shopping allows consumers to buy goods and services directly from a merchant over the internet. While shopping online has many advantages—convenience, speed and a wide selection—online shopping also has its downfalls. As with anything you do online, any time you need to provide personal details such as your email address, phone number and bank card information, you need to be vigilant and aware of online scams and fraudulent activities common to the online world.

While the benefits of online shopping are considerable (convenient, extensive information and customer reviews and wide selection, amongst many other things), it is imperative to be aware when using online shopping platforms as online fraud is one of the most widespread forms of cybercrime. Click here to read more about online scams.

How to avoid online fraud

  • Make sure that the company is reputable
  • Make sure that the company is reputable: only purchase goods and services online from companies that you recognise and trust. If you are unsure of an organisation, ask around.
  • Ensure the site is secure
  • Ensure the site is secure: look for security symbols such as an unbroken lock or key and that the URL begins with “https” not “http”, this means that no one but you and the merchant can view your payment information.
  • Read the retailer’s privacy policy:
  • Read the retailer’s privacy policy: ensure that the online retailer has an acceptable and visible privacy policy posted on its site. If the retailer does not explicitly state that it will not share private information with others without your knowledge and consent don’t disclosing your private details.
  • Keep a record of your transactions: save and print all online confirmations of your orders. Check your bank statements regularly and report any suspicious activities to Standard Bank immediately.
  • Never pay for goods or services over email:
  • Never pay for goods or services over email: paying via email is not secure. You should never send payment information such as your card details and CVV number via email.
  • Never disclose any confidential information:
  • Never disclose any confidential information: don’t tell the merchant any passwords or PINs. This information is for your use and knowledge only.
  • Avoid using public computers: don’t use public computers (e.g. internet cafés) for personal and online banking including online shopping as they may contain spyware. 


What is a SIM swap scam?
In a SIM swap scam, scammers perform a SIM swap without your knowledge, allowing them to intercept phone calls, SMSs and messages.
Typically, the SIM swap takes place after the scammers have received your login details as a result of you responding to, for example, a phishing email. Once scammers have access to your cellphone number and other personal information, they can pose as you and request a new SIM card from your cellular service provider. They will then have access to your phone calls and SMSs, including the OTP SMS facility as well as any other notifications they could use to their fraudulent advantage.

How to identify a SIM swap scam
You are suddenly no longer receiving calls or messages on your cell phone.
You do not receive the OTP you have requested, even when trying a second time.
Your cell phone suddenly has no network signal in a usual network area 

Phishing
Phishing is an email scam, where fraudsters send emails to individuals and claim to be from a reliable organisation, such as a banking institution or an email service provider.

The email will attempt to trick you into supplying your account information for a number of reasons, such as your account information needing to be updated or validated, by asking you to click on a link or icon found within the email. Once clicked on, the link will launch a fake website that resembles a real website. On the website, you will be asked to share your personal bank account information, such as your username or password for your online banking profile or email account, or even your cell phone number and bank card details. Any information that you share on the fake website is captured by the fraudsters and then used to defraud you.

How to identify a phishing scam
There is usually a sense of urgency in the email, followed by a threat—the suspension of your bank account, for example—and you are required to respond quickly. This doesn’t give you much time to think about the situation at hand or speak to people you trust.
The email states that you have been a victim of fraud, or have received funds, and you need to log in to your accounts ‘here’ to report the incident and cancel your bank card, or give permission to release the sum of money.
You are required to supply your personal and account details via a hyperlink, attachment or icon, provided in the email.

Vishing
A vishing scam is a common electronic technique that attempts to access your personal and account details using a telephone call.

You receive an unverified SMS stating that a Standard Bank official will contact you shortly to update or verify your account details and personal information. The scammers then contact you telephonically asking you to update or verify your information. You oblige, providing them with all the necessary information they need to access your bank account. Remember, Standard Bank will never ask for your banking details, password, PIN or One Time Password (OTP) over the phone.

How to identify a vishing scam
There is a sense of urgency in the phone call, followed by a threat: your account will be suspended should you not supply or verify the necessary information immediately. This doesn’t give you much time to think about the situation at hand or speak to people you trust.
You are requested to update, verify or confirm your personal account information such as bank account number, PIN and/or password telephonically.

Smishing
A smishing scam attempts to access your personal and confidential information via an SMS.

You receive an SMS proposing to be from a recognised organisation, such as Standard Bank, requesting you to contact a toll-free number. When contacting the toll-free number, you’re met by a fake automated voice-response system prompting you to provide sensitive details such as your account number, password and PIN. Once the necessary information has been supplied, the scammers have access to the details and can use the information as they wish. Remember, Standard Bank will never ask for your banking details, password, PIN or OTP over the phone.

Smishing scams are becoming more common, as well as dangerous, owing to the increased popularity of mobile banking. Nowadays, people use their smartphones for everything including online banking, so there is a lot of sensitive information at risk if the phone is exposed to fraudulent behaviour.

How to identify a smishing scam
There is a sense of urgency, followed by a threat—if you don’t update or verify your information now, your account will be suspended—and you are encouraged to respond quickly. This doesn’t give you much time to think about the situation at hand or speak to people you trust.
The SMS requests you to call a toll-free number.
You are required to update, verify or confirm your personal details and confidential account information, such as bank account number, PIN and/or password, telephonically.

Spoofed website scam
A spoofed website claims to be the legitimate website of a particular organisation, and is set up to mimic the original website.
Spoofed websites usually have similar logos to the original organisation that they are mimicking and, in some cases, may even be identical. Typically, the intention of a spoofed website is to associate a scam with a reputable institution, and is set up to validate other scams such as the 419 or phishing scam.

 How to identify a spoofed website scam
You are required to click on a hyperlink, attachment or icon provided in an email you are sent directing you to the spoofed website, rather than typing in the URL directly into the browser.
You are required to disclose personal details or account information on the website you were directed to via the email you receive.
The spoofed website, accessed via the given hyperlink in the email, does not have one of Standard Bank’s official website addresses or URLs that you usually use to access information or use to access online banking

Identity theft
Identity theft is the theft of personal information—ID, passport, driver’s licence, payslip, municipal bills and bank statements—to be used for illegal, fraudulent purposes. Details can be retrieved by stealing your wallet or purse, which may contain your ID, credit card as well as mail containing bank and credit card statements. Fraudsters are also known for rummaging through dustbins looking for private documents containing personal information and can even intercept confidential emails. Also be vigilant when completing your personal information on a form so individuals who physically observe you and watch your keystrokes as you enter your personal details and banking information do not gain access to this sensitive information.

How to protect yourself against identity theft
Manage your personal information wisely. Store personal and financial documents away safely.
Destroy personal financial information by tearing, shredding or burning before throwing it away.
Monitor account statement cycles so that you know when you can expect your statement as well as when they have not arrived.
Don’t carry unnecessary information in your wallet or purse.
Create strong PINs and passwords: don’t use obvious choices such as birth dates and first names, and keep PINs and passwords safe.
Never disclose personal information by email or telephone.
What to do if you are a victim of identity fraud

Dating and romance scam
A dating and romance scam typically attempts to play on an individual’s emotional and compassionate side in an attempt to steal funds.

Scammers create fake profiles on legitimate dating websites or social media platforms to meet new people and, in time, lure them into their con. They will invite you to be their friend or talk to them online and are experts at sharing fake personal information in order to build trust and create a relationship with you. Once they have established the desired connection, they may try to convince you to send them money, or disclose sensitive information, either to help them out of a personal crisis or so that you pay for their travel expenses to apparently visit you. Once you have sent them the funds, it is likely you will never hear from them again.

How to identify a dating and romance scam
You receive a friend notification or invite from an individual you don’t recognise or know.
You have only spoken to the individual online via a dating website or social media platform.
You have never met in person, only conversed online, and they are asking you for an upfront payment or to disclose sensitive details.
You notice an inconsistency in the communication that is sent to you.
They have an out-of-the-ordinary job—they work in the army or air force—and need you to help them financially.

Deposit and refund scam
The deposit and refund scam attempts to steal goods or services from a business without actually making the necessary payments.

Scammers will order goods or services from your business, supposedly making the payment into your account. This is done mostly by means of a fraudulent or stolen cheque. A fake proof of payment is then sent to you, and your business delivers the goods to the perpetrator. Later on, it is uncovered that the cheque is fraudulent and that no funds were transferred to your business’ account. In other instances, the scammer may cancel the order and request an urgent refund.

Alternatively, scammers may also deposit a fraudulent cheque into your account only to then contact you stating that they ‘mistakenly’ deposited funds into your account. The caller will ask you to refund the amount immediately, and will send you the proof of payment.

How to identify a deposit and refund scam
You are requested to refund an individual urgently after he has cancelled his order, or the payment is made in ‘error’.
You are requested to refund an individual urgently before you have time to verify with Standard Bank that the deposit was made into your account and that it is indeed valid.
You don’t know the supposed person requesting the refund.
You are not sure whether the payment is a cheque deposit or not.
You are unable to phone the requestor on a predetermined number to confirm the request

Change of banking details scam
A change of banking details scam attempts to steal funds through supplying false information of a change of bank account details.

You receive an email, letter or fax supposedly from a recognised supplier. The communication informs you of a change in bank account details and asks you to update your records accordingly. These ‘new’ bank account details are, however, false. Your monthly payment is therefore paid to the scammer and not your supplier as originally intended. Always be wary of changing account details. If a request is received, before changing anything, first confirm with the respective supplier, with a contact you trust, in writing or by telephone.

How to identify a change of banking details scam
The request you receive to change your supplier’s bank account details doesn’t come from your usual ‘contact’ or point of contact at the supplier.

The request for change of bank details wasn’t made via official correspondence or using the contact details that you have in your database.

Key logger scam
A keylogger scam is a software or hardware computer program that records and logs every keystroke entered on the particular computer. The keylogger helps scammers to save and gain access to confidential information.

Once a keylogger scam has been put in place, scammers can access the keystroke details via a file on the respective computer, or can have the details sent to them anonymously via email. The keylogger records every keystroke entered on the computer, including personal and confidential details such as passwords, PINs and usernames. This private information can then be used for fraudulent activities.

Keylogger scammers often target internet cafés, owing to the convenience of the computer terminals and anonymity attached to them. Scammers insert the spyware into the computers, recording every keystroke typed on the various keyboards. The keyloggers log any information and actions taken on the computers including private login details for internet banking profiles, email account profiles, Facebook profiles etc. and then forward the recorded details to the scammers at large, enabling them to log in and access the respective profiles.

How to identify a keylogger scam
Keyloggers could be hidden in an email attachment, can be installed via a memory stick or can be installed via rogue apps and malicious websites. Be wary when other untrusted individuals use your computer, for whatever reason.
Always be alert to computer hardware or software changes.
Be cautious when using internet cafés. Don’t disclose any confidential information on a public, unfamiliar computer.

You have received an unfamiliar email containing unknown attachments and hyperlinks. Don’t open any emails, attachments or hyperlinks from unknown sources.

419 Scam
A 419 scam, or advance fee scam, is a form of upfront payment or money transfer scam.

You receive an email, fax or letter containing an offer promising you large amounts of money (via an inheritance, lotto winning etc.). In order to gain access to the funds, you are requested to pay an upfront fee. Various reasons are given for the upfront fee including exchange control fees, customs duty fees and bank charges. Although the exact details of a 419 scam varies, very large amounts of money are usually involved. Essentially, once you have made the advance payment, the scammers has received everything that they want from you and may cease communication. Needless to say, the promised transaction never takes place.

419 scammers are also known to create spoofed websites in an attempt to validate the intended 419 scam. In addition to the email, you may be given login details for a false website that appears to be Standard Bank’s internet banking. The fake webpage will show you your inflated bank balance. The hope is that if you see a larger bank balance, you will more likely fall victim to the 419 scam.

How to identify a 419 scam
Out of the blue, you receive an unbelievable promise of large sums of money (usually millions of dollars or pounds) for little or no effort on your part.
You have no idea where this proposed money is coming from.
You are requested to provide money upfront, as a processing or administration fee, in order to access the funds.
There is usually a sense of urgency, followed by an emotional bribe (someone has passed away or is suffering from an illness), prompting you to respond quickly. This doesn’t give you much time to think about the situation at hand or speak to the people you trust.
You do not know the people who have sent the communication, although they usually claim to be in a position of authority from a trusted organisation.
You are required to supply your personal and account details via a hyperlink, attachment or icon provided in the email.

Card Fraud
Card fraud is the unauthorised use of your credit or debit card, following the theft of your personal information and bank details. Always be cautious when using your banking cards, especially at ATMs, as fraudsters use a variety of card fraud methods to deceive their victims.

Card skimming
Card skimming is the illegal electronic duplication of your credit or debit card and a card has to be inserted into a skimming device in order for it to be copied. Victims of this fraud are usually unaware of the banking transactions until they receive their bank statements, or payment notifications, showcasing the transactions that they didn’t make.

Card swapping
Fraudsters attempt to distract you while at the ATM, or when conducting a bank transaction, swapping your bank card for a counterfeit card without your knowledge. Card swapping fraudsters are known to work in groups as it is easier to distract you and retain your card and information or when someone physically observes you and watches your keystrokes as you enter your personal details and banking information.

Card not present (CNP) fraud
CNP fraud takes place when neither the card nor the cardholder is present whilst conducting the bank transaction. Fraudsters may memorise or write down your card number, expiry date and CVV (three digits at the back of your bank card) without your knowledge when your card is handed over for payment. With this information, criminals are able to transact fraudulently on the internet or phone as if they are the genuine cardholder.

How to protect yourself against card fraud

  • Stay alert at all times when using your cards and making payments.
  • Always be vigilant while using ATMs.
  • Remain aware of your surroundings and don’t allow anyone or anything to distract you. If you get distracted during your ATM transaction, cancel it immediately.
  • Change your PIN immediately if you believe it has been compromised.
  • Stand close to the ATM and cover your PIN when punching it in.
  • Create strong PINs for your various accounts and don’t use the same PIN for your different accounts
  • Don’t request or accept help from anyone while at an ATM.
  • Never force your card into the ATM slot as it might have been tampered with.
  • Don’t let your card out of your sight when making payments and ensure that you get your own card back after every purchase.
  • Review your account details and transactions on a regular basis. Query any disputed transactions with Standard Bank immediately.
  • Shred or tear up your card receipts and statements before you discard them.
  • Always check transaction slips for correct purchase amounts before signing them.
  • Make use of any additional Standard Bank security features, such as MyUpdates and One-Time Password (OTP), so that you are alerted to any account movements in real time.


How to protect yourself against cheque fraud

  • Always keep your cheque book, cancelled cheques and statements in a safe place.
  • Don’t sign blank cheques.
  • Report lost or stolen cheques and cheque books to Standard Bank immediately.
  • Check your cheque statements every month and do a reconciliation.
  • Always collect your new cheque book yourself.
  • Provide Standard Bank with up-to-date signatures of everyone who is entitled to sign cheques on your account.

When writing your cheques

  • Always complete beneficiary details in full.
  • Include your account details when making account payments.
  • Use crossings accordingly.
  • Familiarise yourself with different banks cheque layouts.
  • Write clearly with a non-erasable ballpoint pen; this will make your cheque difficult to alter.
  • Write the full names of the payee and spell them correctly. Avoid using abbreviations.
  • Do not make any corrections or alterations. It is best to cancel it and write another cheque.
  • Never leave large spaces between words and draw a line through any unused space to ensure that nothing can be added to the cheque.
  • Remember to always sign your cheque correctly and clearly.

Sign up for our payment notifications:

MyUpdates
Our MyUpdates option allows you to keep in touch with what is happening; you will receive SMS and email alerts for every transaction that takes place on your account.
Operational alerts
Always know that your banking applications are in working order.
Email statements
Have your bank statements emailed to you.
Incident Reporting
How to report an incident of fraud on your account

STEP 1: Immediately call Standard Bank’s toll-free fraud line on 0819286 to report fraud or theft. Please have your card or account number or identity number on hand.

STEP 2: Provide the Standard Bank official with as much information as possible about the incident including what personal and banking details have been compromised.

STEP 3: If you require a new card, remember to have your new card linked to your internet banking.

STEP 4: Standard Bank will need to investigate your reported incident before reporting back to you. Please be patient and allow time for the investigation to take place. To follow up on your incident, please call 0819286.

Lost card protection
Lost card protection is a free banking service that protects you against loss caused by fraudulent use of your card if it is lost or stolen up to 24 hours prior to first reporting the incident to Standard Bank.
If you have two cards and one of them is reported lost or stolen, do not use the additional card. If your card is linked to a garage card, do not use your garage card until a new number has been allocated to you.
If you suspect your personal information or banking details have been compromised, if you have lost or had your bank cards or cheque book stolen or if you have been a victim of any banking crime, please call Standard 


Sharesocialicons