Retail

Online shopping warning for South Africans

8 October 2025
Add Google Preferred Source Follow on Google News

Shopping online, even from reputable sellers, puts South Africans at risk of being defrauded, having their card details stolen, and paying for goods they never receive.

This warning was issued by Kevin Hogan, head of fraud risk at Investec and Anna Collard, cybersecurity expert, who spoke on Investec’s Everything Counts podcast.

Hogan explained that, because most people use the same card on every website they shop at, eventually, they are bound to use it on a platform that is not secure.

At that point, because the card is linked to all of the different sites where it has already been used, it will be compromised.

Even well-known, reliable websites are not safe for shoppers, as they remain susceptible to being hacked. For example, popular platforms like Booking.com and the PlayStation Network (PSN) have been hacked by fraudsters in the past.

This leaves the card details of the customers who have shopped on these sites vulnerable, and can open them up to serious financial losses. For those who buy items online using EFT payments, the risk is even more pronounced, Hogan warned.

Online merchants often give their customers options of how they can pay. When this happens, he said customers should always choose to use their card.

“There’s a level of insurance that automatically comes with using your card,” Hogan said. This is because, when payment is made using an instant EFT, the customer has no recourse if there is non-delivery of goods.

However, when customers pay with their card, they can institute a chargeback process against the merchant if goods are not delivered.

Vendors may sometimes try to encourage buyers to pay through a normal or instant EFT, since this is more lucrative for them.

“The benefit is for them because they don’t get charged the merchant fee, but you lose because there is none of this protection around if there’s non-delivery of goods. So we strongly encourage clients to use your cards when you’re shopping online,” Hogan said.

The risks surrounding EFTs also extend to the fact that customers are required to give away their banking username and password, which Hogan said Investec does not recommend at all.

How to stay safe online

Fortunately, there are ways consumers can protect themselves against fraud when shopping online. A good starting point is to ensure that the website being used is legitimate.

Hogan explained that the Southern African Fraud Prevention Service (SAFPS) offers a helpful free tool in this regard.

Their platform, Yima, gives consumers a confidence score about how legitimate a website is, and provides information such as whether the website has any malicious content, whether it has been blacklisted, and where it is based.

Another important part of staying safe online is using a secure payment method. While card payments protect customers from non-delivery, unlike EFTs, they do not offer protection against hacking.

Hogan explained that when Booking.com was hacked a few years ago, Investec had around 300 clients who used their physical plastic cards on the website. “They all had fraud,” he said.

Instead, Hogan and Collard strongly recommended using virtual cards. Virtual cards are digital payment tools linked to existing bank accounts or credit lines.

They provide the user with a unique set of card details for transactions without using their physical card. These cards also have a unique CVV number.

South Africa’s biggest banks all allow customers to create a virtual card, often free of charge. Sometimes, customers are able to create multiple virtual cards.

For example, Investec allows customers to create up to five virtual cards. Each of these can be allocated for different purchases.

For instance, clients can decide to use one card for online bookings, one for online shopping, one for subscriptions, and another for run-of-the-mill purchases.

When one card gets hacked or is used on a dodgy website, it can instantly be blocked without the client even needing to call the bank.

Another benefit is that these cards can be paused when they are not being used. The client can, for example, activate their card only when they are paying for a booking online, and then pause it again afterwards.

This strategy ensures that no one else can use that card during these off-periods, keeping customers’ money secure.

Finally, Collard advised that consumers should be wary during peak shopping periods like Black Friday as scammers take advantage of these events by sending fraudulent WhatsApps or emails with offers that appear too good to be true.

She warned that customers should not click on any of these links. Instead, they should go directly to the company’s website or app to see whether there are any promotions available.

Scammers are now using AI to make their phishing emails and messages appear more realistic than ever, making it essential for consumers to be cautious.

Newsletter

Top JSE indices

1D
1M
6M
1Y
5Y
MAX
 
 
 
 
 
 
 
 
 
 
 
 

Comments

Privacy policy | Contact | Advertise |

Articles and other information on Daily Investor is for information purposes only and is not financial or investment advice. It should not be seen as a recommendation to buy shares in any company. Our content is produced without considering the objectives, financial situation, or needs of individuals. Before making any investment decision, prospective investors should consider the appropriateness of the information to their own objectives, financial situation and needs and seek legal and taxation advice appropriate to their jurisdiction.

Profile Data logo

Price and trade data source:

JSE Ltd All other statistics calculated by Profile Data.

All data is delayed by at least 15 minutes.

Press Council South Africa IAB South Africa
Daily Investor proudly displays the “FAIR” stamp of the Press Council of South Africa, indicating our commitment to adhere to the Code of Ethics for Print and online media which prescribes that our reportage is truthful, accurate and fair. Should you wish to lodge a complaint about our news coverage, please lodge a complaint on the Press Council’s website, www.presscouncil.org.za or email the complaint to [email protected] Contact the Press Council on 011 4843612.