Skip to main content
man receiving a phishing scam on his phone

19 Nov 2024

Don't get caught by phishing

Phishing remains one of the major online frauds. Let’s talk about being vigilant when you’re online and avoid getting phished.

What is phishing?

Phishing is one of the most common cyberattacks in South Africa and across the world. It’s an attempt by fraudsters to deceive users into sharing sensitive information like passwords, credit card details or personal data.

These attacks aim to steal identities or financial assets and can lead to significant security breaches.

“The phishing modus has been with us forever…fraudsters use it because it has been successful for them.”

 

How phishing scams work

Phishing scams bait you into giving away your personal information, such as your banking details, to fraudsters.
 

lady drinking coffee and seeing a Netflix scam

A fraudster will initiate contact over email, SMS or even a phone call (that’s called ‘vishing’ , and pretend to be a trusted source, like your bank or a popular service provider.

Imagine you get an email or SMS, seemingly from a trusted source, urgently asking you to update your account details or claiming that a package is waiting for you.

Before you know it, you’ve clicked on a link that leads to a counterfeit login screen.  ‘This is what we call phishing,’ explains Kevin Hogan, head of Fraud Risk for Investec (South Africa). ‘It's a sophisticated fraud, leveraging real data to appear as credible as possible.’



Don’t give into panic pressure

Phishers create a sense of urgency, warning of account issues or security threats, and then direct you to click a link or provide details. 
 

lady working on her laptop

These phishing links typically lead to a fake login screen designed to capture your sensitive information, which they then use for financial theft or identity fraud.

Fraudsters are increasingly sophisticated. They often use legitimate tracking numbers and personal information to make their ploys look legitimate.

‘You might provide your username, password or credit card details, believing you’re interacting with legitimate services,’ Hogan says.



How to avoid phishing

Instead of clicking on links, type URLs directly into your browser. Bookmark trusted sites to ensure you're not redirected to malicious ones. Remember, phishing can occur on any device, not just your computer.

Awareness and proactive measures are your best defence in the digital world

Your digital footprint is valuable and protecting it requires constant vigilance. Whether you’re a seasoned investor or simply a casual internet user, understanding the signs of phishing is key to safeguarding your digital life.

 

Top tips

Verify before clicking:

Always verify the authenticity of messages that prompt urgent actions or request sensitive information. Avoid clicking on links directly from emails or SMS. Rather, manually enter the website address into your browser.
Always verify the authenticity of messages that prompt urgent actions or request sensitive information. Avoid clicking on links directly from emails or SMS. Rather, manually enter the website address into your browser.

Use bookmarks for trusted sites:

To prevent accidentally visiting phishing websites, bookmark your frequently used and trusted websites. This practice ensures you are visiting the legitimate site and not a counterfeit one.
To prevent accidentally visiting phishing websites, bookmark your frequently used and trusted websites. This practice ensures you are visiting the legitimate site and not a counterfeit one.

Stay alert on phishing tactics:

Stay informed about the latest phishing tactics, as scammers continually evolve their strategies. Recognising the signs of phishing can prevent potential threats.  
Stay informed about the latest phishing tactics, as scammers continually evolve their strategies. Recognising the signs of phishing can prevent potential threats.
Kevin Hogan image
Kevin Hogan, head of Fraud Risk for Investec (SA)

For phishing to succeed, the fraudster relies on you to take a specific action. Don't let them manipulate you. Be vigilant at all times.

RELATED QUESTIONS
  • What is the difference between phishing and vishing?

    Spear phishing is a more targeted phishing attack that is aimed at specific individuals or organisations, often using personal details to make messages appear legitimate. Unlike general phishing, spear phishing is customised, which increases its believability and effectiveness. The fraudsters typically pose as trusted contacts to deceive recipients into sharing sensitive information or installing malware.

  • Pharming versus phishing: what’s the difference?

    Pharming and phishing are both cyber threats that target sensitive data.

    Phishing tricks users into sharing information through fake emails, websites, SMSes and phone calls. Pharming, however, redirects users from legitimate websites to malicious ones, even if the correct URL is entered.

    Both aim to steal data, but pharming is more technically sophisticated and harder to detect.


Receive Focus insights straight to your inbox

Sending...

Please complete all required fields before sending.

Thank you

We look forward to sharing out of the ordinary insights with you

Sorry there seems to be a technical issue