Standard Bank fraud warning

Standard Bank warned that spoofing scams are on the rise, and are increasingly difficult to identify, making it more important than ever for consumers to be vigilant.

The bank explained that, in recent months, it has seen an increase in spoofing scams, where fraudsters use voices and emails generated by artificial intelligence (AI) to impersonate bank officials.

Calls and emails appear to come from their banks’ legitimate contact details, making them increasingly difficult for customers to spot.

“With the rapid development of AI, we have seen an alarming enhancement in spoofing techniques,” said Advocate Athaly Khan, Head of Fraud Risk Management at Standard Bank. “Current scams look and sound more real than ever before.”

AI gives fraudsters access to advanced technologies, such as voice cloning, deep-fake videos, chatbots, and AI-generated phishing emails.

This makes consumer awareness more critical than ever. “Stay safe, stay alert,” Khan said. “Know what not to do, and what not to share.”

Standard Bank explained that spoofing is a deceptive tactic where criminals impersonate trusted entities, like banks, by manipulating caller ID or email addresses to appear legitimate.

This scam is combined with vishing, which entails fraudsters calling customers using what appears to be a valid bank number.

The call mimics the tone and structure of a genuine bank interaction, often including standard security questions and disclaimers.

To build trust, scammers may reference personal details such as birth dates, addresses, or account types. This information might seem harmless, but it is used to create credibility.

Typically, the caller claims to be calling about a service offering or to validate detected suspicious activity on the customer’s banking profile, such as unauthorised changes to their contact details.

Once panic sets in, they offer fake solutions, such as asking customers to transfer funds to a “safe” account, scan a QR code, click a link, or share sensitive information like One-Time Pins (OTPs) or instant money voucher codes and pins.

Avoiding spoofing scams

Scammers can also email potential victims. They send phishing emails, which appear to come from a legitimate email from a bank employee and replicate the bank’s branding.

These messages often use an urgent, threatening tone to pressure customers into acting quickly. For example, they may claim that accounts have been flagged due to KYC or FICA compliance issues. Malware hidden in links, attachments, icons, or QR codes is usually embedded in these emails.

Clicking or scanning these elements can install harmful software on a customer’s device or redirect them to legitimate-looking fake websites designed to steal login credentials and card details.

The emails typically impose tight deadlines, ranging from hours to a few days, to heighten anxiety and push immediate action.

To avoid falling victim to these scams, Standard Bank said customers should avoid doing the following:

• Don’t transfer funds to another account on instruction. A bank can secure a customer’s funds without their involvement.
• Don’t generate instant money vouchers at someone else’s request. Authentication doesn’t require transactions.
• Don’t click links, icons, download attachments, or scan QR codes from texts or emails. Banks do not send these via digital communication.

Standard Bank added that customers should never share their login details, card expiry date, CVV, OTP, or ATM PIN.

They should also never disclose financial information like investments or where they hold other financial products.

Finally, customers should never reveal their bank details, since they could unknowingly become a money mule.

“Fraud is widespread and constantly changing,” the bank added. “Scammers use fear and urgency to manipulate victims. Stay calm, think critically, and always remember what not to do, and what not to share.”