Fraudsters eagerly await the Tax Season, with the simple intent to defraud consumers, warns Standard Bank’s Fraud Risk Management.
“In many cases we’ve seen in the past, fraudsters deploy bait communication via text, email, WhatsApp or telephone call. The communication may indicate that you have a tax rebate, tax penalty or that you are being investigated for contravening tax laws,” explains Standard Bank’s Head of Fraud Risk Management, Adv. Athaly Khan.
Through these tactics, fraudsters can acquire consumers’ banking credentials, misappropriate their funds or even manipulate them to transfer funds into fraudulent accounts.
Below are some of the most common ways Standard Bank has seen fraudsters try to scam consumers.
Extortion and Secure Account Scams
Fraudsters claim to be investigating the customer’s tax return submission, indicating to have discovered discrepancies that warrant criminal prosecution. They provide fabricated documentation to substantiate their allegations. “Intimidation and manipulation tactics may be used to instil fear and panic so that you can follow their instructions,” explains Khan.
Once satisfied that the customer is convinced, fraudsters usually ask for money to be paid over to them to make the case disappear. Alternatively, they provide the customer with a fraudulent account number to transfer ‘funds potentially due to SARS’ so that the funds are secured whilst they are busy with the ‘bogus’ investigation. In most of these cases they claim to be in collaboration with the bank, law enforcement or regulatory bodies.
Change of Banking Details
Fraudsters send fake communication with banking details, claiming that the customer owes funds to SARS. Some customers may in fact have funds due to SARS, making the communication seem legit. But the account details provided belong to fraudsters, not SARS. They may offer a settlement discount to pressure you into paying quickly without checking.
Phishing, Smishing, Quishing (QR code) & Card Not Present (CNP)
Fraudsters sometimes send communication that includes a link, icon, attachment or QR code, laced with malicious software (malware) prompting the customer to click, download or scan. The malicious software is designed to gain unauthorized access to the customer’s device, including their Digital Banking profile. In other scenarios, customers may be prompted to capture their card information to make payments to SARS, thus compromising their card details.
Key takeaways
- Customers should ALWAYS stop to think and seek advice from their trusted people before making any payment to a person not known to them.
- The bank and other industry bodies have the capability to secure funds directly from your account should there be a need. They would not need the customer to make any transfers to keep their money safe.
- Customers need to ALWAYS validate banking details with the source.
- The bank does offer a business directory for SARS accounts and Account Verification Services (AVS) for the beneficiaries added by customers.
- Customers must ALWAYS be suspicious of links, icons, attachments and QR codes.
- The bank and its employees will never ask you to click a link or scan a QR code to access banking services, be authenticated, redeem UCount points, make payments, order a card, or update your information.
“Nothing is ever what it seems, SARS spoofing will be on the rise, and we need all our customers to have their guards up,” concludes Khan.