Get Focus insights straight to your inbox
Listen to the podcast
Learn more about safeguarding your hard-earned cash in this podcast conversation between Kevin Hogan, Head of Fraud Risk and Rene Grobler, Head of Investec Cash Investments, both at Investec.
Around the world, retirees are increasingly being targeted by fraudsters. Fraudsters go after retirees because they often have access to larger amounts of savings, and also because many retirees are perceived to be less tech savvy.
South Africa is no different. According to the South African Fraud Prevention Services, South Africa is a popular target country among fraudsters. Fraud incidents increased by 600% in 2022 compared to 2018, with retirees among the main targets of criminals. Fraudsters play on emotions like fear and compassion in often elaborate schemes to swindle people out of their savings.
Understanding how scammers work and applying a few basic rules whenever you receive a call, text message or email can go a long way towards helping you to protect your savings and investors from fraud.
In this special edition Investec Focus Radio SA podcast, Kevin Hogan, Head of Fraud Risk at Investec, is joined by René Grobler, Head of Investec Cash Investments, in explaining some of the ways you can avoid becoming a victim of different kinds of fraud.
Phishing, smishing, vishing
One of the most common forms of fraud is what is known as phishing. An individual receives an email, seemingly from a genuine source (such as your bank, telecoms provider or SARS) to entice you to share information or click on a link.
“They'll put a link in an email, that will say for example that there's an outstanding payment due. They’ll tell you to click on that link and it'll send you to a fake login page,” explained Hogan.
“The whole point of the phishing expedition is to get you to give away your username and password or engage with the link or attachment. There's a chance you could download a virus if you click on that link or attachment in the document. It’s really to get people to engage with the email in a way that would then lead them down this garden path. You think you are logging onto a genuine page but you're not.”
Related to phishing is smishing (SMS phishing), which is pretty much the same, but with a link in an SMS.
Vishing, or voice phishing, is a common tool for fraudsters. This involves someone calling you, purporting to be from a financial institution, retailer or service provider and try to entice you to share key information, such as a password, in order to get into your account.
Perpetrators are often quite sophisticated in their approach and may even have a lot of your personal information already, which makes them seem genuine, Hogan pointed out.
“For example, in the UK specifically, people get phoned by a fraudster who pretend to be from their bank and tell them that there has been fraud on their account and they need to move their money to a safe account. All of that is done over the phone and they can quote your card numbers as well as other information that they’ve managed to steal in order to convince you that it’s real.”
The whole point of the phishing expedition is to get you to give away your username and password or engage with the link or attachment.
Similarly, you may get a call, text or email from a courier company, relating to an actual order that you have made, which the fraudsters know all about because they have somehow accessed your order information.
“Your head and your heart is saying to you, this is completely genuine. They're using the correct courier company. They're using the correct tracking number.”
“And typically what happens is that you click the link and the screen opens asking for your card information. You fill that in and the fraudsters then have your card information that they load onto their cell phone to make payments.”
“They then send you a one-time password (OTP). You think it's a payment OTP but it's not. The OTP is actually to authorise your card information to be loaded on the phone.”
The lesson here, said Hogan, is to always verify the email, SMS or call independently whenever you are contacted in this way. “And never use the number that they've sent you. Go back to the original mail. Just Google it [the real company] and go through that process [of calling the call centre or emailing the real company],” he advised.
Common types of fraud targeting retirees
Grobler and Hogan then went into some of the more common forms of fraud against retirees. High on the list are investment scams.
“We're finding a lot of people who are on the brink of retiring or have retired already, but find that they don't have enough for retirement, or that they're outliving their retirement funds. They want to supplement their income, so if an attractive investment opportunity comes by they want to do that,” he explained.
Unfortunately, many people are conned into these fake investments. The websites look like the real thing, with a username and password login.
People usually don’t realise it’s fake until it’s too late. “We've had clients who have come to us many months later after paying the money to say they think they've been scammed,” he said.
People usually only realise when they try to take their money out and find obstacles to do so. “Unfortunately the money's usually long gone by then,” he said.
5 ways to stay safe online
Apart from the above, below are key ways in which you can avoid becoming a target of fraudsters:
1. Make sure you bookmark the websites of the service providers that you use regularly, such as your bank or medical scheme. “Often, people go into Google and they look up their bank or service provider and click on the first link they see. Fraudsters prey on this habit. We've even seen an instance where they created a fake banking page,” explained Hogan.
2. Avoid using the same passwords on multiple accounts, and don’t use weak passwords. Should fraudsters get access to one of your passwords, this will then give access to other accounts, which can leave people exposed. Make sure your passwords are strong, with a good mix of letters, numbers and special characters. This sounds daunting, but it needn’t be. A password manager is a good way to store a lot of passwords. “Otherwise, do what my mom does,” said Hogan. “She's got a nice leather-bound book, and she writes all the passwords in the book.”
3. Act swiftly if your smartphone or card is stolen or lost. Hogan said the first step is to phone your bank to block your account. He also advised against storing passwords on a phone “Don't use the keychains. Even though the keychains are very convenient, if you lose physical possession of your device, the fraudsters get the device password,” he said.
4. Avoid links on social media or websites with investments that seem too good to be true. Always go the traditional route of consulting your financial adviser about the opportunities that you see if you’re unsure.
5. Finally, pay attention to the email communications sent by Investec that highlight some of the ways scammers will try to defraud you. Investec is constantly monitoring fraud trends that could affect you and by increasing your awareness of these, you are better able to protect yourself.
You may also be interested in:
Browse further in