Online fraud is on the increase, and everyone needs to watch out for a potentially very nasty email or SMS scam known as ‘phishing’.
What is phishing?
Phishing is a method by which fraudsters try to obtain personal information, such as usernames, passwords, bank account details and credit card details. The information can then be used to steal money from victims of the scam.
Phishing attacks are often conducted via email, although some fraudsters have been known to send text messages, or to phone people directly and try to obtain their details. The message is designed to make it appear that it has come from a bank, a lender or another financial institution.
How might a fraudster try to trick you?
In order to persuade you to disclose your personal information, a fraudster might claim for example that your account has been the subject of a security breach, and that they therefore need you to confirm your personal details. Alternatively, they might say that a fault has been detected on your computer, and that they need your bank account details from which to take a payment to fix it.
Phishing attacks can be very sophisticated, in that the message might contain a link to a website which looks like that of a bank, or another financial company. However, the site will actually be a cleverly disguised copy of the real website.
What might be suspicious?
- The message purports to be from a bank/company you have never previously dealt with
- The message has not been sent from a business email address – it might be from a personal email provider such as Gmail or Yahoo
- The message contains spelling and grammar errors
- The message does not address you by name, it might instead start ‘Dear Customer’ or similar
- The website that the message directs you to allows you to log in even if the password you enter is wrong
How can you protect against attacks?
Ways to protect against phishing attacks include:
- Set up a spam filter on your email account
- Never disclose personal details or passwords to anyone claiming to be from your bank, or any other company. A genuine financial organisation will never phone or email to ask for information of this kind
If in doubt as to who has really made contact with you, phone the company the sender is claiming to represent. Make sure you call the main customer contact number of the company, and don’t call any number given in the suspicious message
Wonga’s name used by phishing fraudsters
Wonga SA has warned its customers of a phishing scam in which people were duped into disclosing their personal information, believing that they were dealing with Wonga. The company has launched a dedicated fraud hotline that people can call if they believe they have been a victim of the scam. No leak of Wonga customer data occurred.
Wonga’s Head of Customer Operations, Justin Taylor, said:
“Wonga does not send any unsolicited direct marketing, either through SMS or email, to any consumers in South Africa. The business receives on average 300 complaints weekly from consumers who have been sent the unsolicited notifications by a third party under the auspices of the Wonga brand.
“While we have posted messages on our internet platforms and taken out adverts warning consumers about this scam, we as a business are going one step further by helping victims restore their good name and credit record. Especially where consumer information has been used in identity fraud, we want to do the right thing.”
Has someone tried to swindle you in this way? Have you perhaps fallen victim to a phishing fraudster? Let us know in the comments below.