Do you have enough money?
Majority of people would say that a little bit more money could be very useful, maybe for a nice holiday or a new car. This is just the way people are. Money makes the world go round…
Scamming is an “Art” of convincing people to hand over their money to the scammer. Scammers use various techniques build an relationship with the victim,
Scammers use various techniques, including “GREED” to pray on people, they know that you need more money so they create a certain action (E-Mail or SMS) where they ask you to do something for them. Example .. In majority of scams the scammer will ask the user to click on an link that they provide. This link will redirect you to their page which fake page of the original.
General Indications of a Scam
- You have received communications from an individual (who is always fake) offering you something that you need or want (money)
- When they ask for your banking or personal information
- Claim that they have lots of money, or ties to huge financial funds. They will even provide you with authentic looking fraudulent documents (bank letter) including logos.
- Ask you to travel
- Ask you to pay certain fees for taxes, attorney fees, transaction fees or bribes. Payment is then done using Western Union Transfer, or even Bitcoins
What is Phishing
A phishing attack is where the attacker create a fake internet banking page, or a fake facebook login page. This page will then be hosted somewhere on the internet. the link to this page is then send to the victim. When the victim open the email they will be greeted with a story where they explain that you could earn a lot of money very quickly. Or that you have won a lot of money (The UK Lotto).
The Victim then click on the link as is greeted with the fake page of the bank, the victim then enters their banking details into this page, after this an error is displayed and the user is re-directed to the main bank webpage where they then login and notice that money has not been received.
The attacker will then use the Victims login credentials to login to the correct bank website. here they will then attempt to create a beneficiary to transfer the money out of your account.
Example of an SARS Phishing attack.
SARS LOGO Dear (Username or email address)
SARS has completed your tax return.
An amount of R17 463.24 was paid into your bank account.
To verify that you have received the funds it is required for you to login to your online banking system.
In the event that the money does not reflect, please allow up to 48 hours as the transfer has been done today.
Please Select your bank from the blow Logo’s and log in to your bank.
Logo of ABSA bank Logo of Nedbank Logo of FNB Bank Logo of Standard bank
These logos will include a link to their fake bank page, once you then login to their fake page they capture your online credentials.
The SARS E-Filing Team.
What kind of scam’s do you get
Facebook scam ( Like Farming )
Scammers copy your details that you have entered into profile, they will then create a separate profile with similar details, they will then make contact with your friends and tell them a something happened to you and that you need money urgently. Your friend want to help you by providing money, he transfer the money only to find out later that you never asked for the money.
Internet Banking scam
You receive an E-mail from your bank stating that “Bank” has detected a calculation fault in your monthly fees that you have paid to the bank over the last couple of years. As a result of this the “BANK” would like to refund your a amount of R19 232.98
The scammer will then provide you with an link to their fake bank website and ask you to login to your bank and confirm your details. This is where they will ask you for your personal details.
Attatchemnt (Pdf, Docx, XLS) in your email.
The attacker / scammer would like to gain access to your personal computer. In this attack they require you to open a file (PDF ) that contain the letter that has been send. This PDF contain malicious code that will exploit your local adobe/foxit reader. Once this has been completed the attacker will have complete control over your personal computer.
419 scams (Named after the section of the Nigerian penal code which addresses fraud schemes)
Sakawa Definition “Coming” Search www.youtube.com for “ghana internet scams” to find out more
Sakawa scammers recon that it is their right to scam people purely because of the colonial fathers that milked Africa (sakwa scamming) and this is their payback.
The scammer will copy information from a real internet dating site, paste this then into social networking sites to build a relationship with yourself. As the relationship is build the scammer will introduce himself as a very rich person or dealing with gold…. they will then start to make demands. As a reward for this demand they will offer you a portion of their fake money. You will then be required to perform another action whereby you need to pay a certain fee over to them. This is where they then dissapear with your money
They will also play with your emotions, asking you to send them money. And the scary thing is that they are successful with this.
In certain cases they ask you to provide them with your credit card details, which they then use to busy stuff for themselves.
- Communication is typically started trough social networking sites.
- Urgency of this letter
- Confidential nature is stated, they do not want you to report this.
How do you protect yourself
- Never provide 3rd parties with your banking details. Here is a example… You receive an E-mail from a fake SARS email address claiming that they have paid a amount of money into your bank account. The scammer will then provide you with a link, this link claims that it is from your bank but it is not. It will direct you to a fake banking website where they capture your login credentials. These details will then be used to login to the real bank website.
- NEVER CLICK ON LINKS that are send in E-mail or from un-known people. Scammers will think of very crafty E-mails into tricking the user to click on the link. This link could install malicious code on your computer or ask your to perform an certain action. Always type the link in the URL bar of your browser
- Verify the details of the user or organization that you are going to deal with.
- If it sound to good to be true, it is
- Never pay for something in advance
- NEVER CLICK on links that are send in Emails or links that are provided in Social media sites.
- The bank will never ask you to confirm or update your details via email.
What to do when you receive a scam letter
Please refrain from responding to these type of e-mails
G.T.S.P perform analysis on these scam / phishing kits, please forward us a copy of these scam’s or phishing emails that you have received.
You can send the malicious link/scam/phishing mail to scams [at] gtsp.co.za
You can also forward all 419 scam e-mails/correspondence directly to firstname.lastname@example.org (Commercial Branch, South African Police Service). Please mention whether or not you have incurred any financial loss.