Capitec stops R642 million in fraud

Over the past financial year alone, Capitec has blocked more than 394,000 fraudulent transactions, preventing over R642 million in losses for its clients.

This comes as fraud in South Africa continues to grow and evolve, with an increasing number of banking clients falling victim to scams.

In a recent press statement, Capitec’s executive head of financial crime, Blessing Mgaga, explained that, more often than not, fraud starts with a person being convinced rather than a system being hacked.

“That matters because the biggest risk is often not a technical failure. It is a moment of trust, pressure or urgency that leads someone to make a payment they believe is genuine,” he said.

This type of fraud also puts banks in a tough position, as it is difficult to recover funds that clients willingly paid, even if they were coerced into doing so by fraudsters.

Therefore, many South African banks have shifted their focus to preventing clients from falling victim to fraud in the first place, through initiatives like increased education and fraud-detection technology.

With nearly 25 million clients to protect, Capitec is among the banks that have stepped up efforts in recent years to fight and prevent fraud.

Capitec reported that it blocked more than 394,000 fraudulent transactions, preventing losses of over R642 million, in the last financial year.

The bank has also identified and shut down more than 64,000 mule accounts used to quickly move stolen money through the financial system. 

“These numbers show the scale of the threat, but they also show how fraud is changing,” Mgaga said. 

“It is no longer only about breaking into systems. More and more, it is about influencing people. And this is happening across many industries.”

Mgaga listed various examples of what this fraud could look like, including a discounted phone on Facebook Marketplace or a holiday apartment advertised well below the usual rate.

It can also take the form of an investment opportunity on social media that promises high returns or a message that appears to come from a bank warning about suspicious activity and urging clients to act immediately. 

“Each of these situations is made to feel believable, and that is what makes them dangerous,” Mgaga explained.

Technology to fight fraud

Mgaga referred to this type of fraud as “push payment fraud”, describing it as people being pressured into paying money into a fraudster’s account. 

“People often authorise these payments themselves, not because they are careless, but because the request, offer or warning seems believable at that moment,” he said. 

“Fraudsters use urgency, familiarity and emotion to make people act before doubt has time to set in.”

He explained that this is why Capitec’s response has been designed not only to detect fraud in the background, but also to identify, block, and disrupt high-risk activity before losses occur. 

However, he said these measures can only prevent fraud to an extent, with the strongest defence being behavioural changes.

Therefore, Capitec combines technology with behavioural interruption in the form of warnings, delays and prompts. These act as deliberate interventions designed to break the “momentum” of a scam, Mgaga explained. 

“Slowing a transaction by even a few seconds can give a client the chance to question an unexpected message, an unusually good deal or a request that demands immediate action,” he said. 

“In a fraud environment built on urgency, that pause can be the difference between a legitimate payment and a loss.”

He used bank impersonation scams as an example, as this type of fraud relies on messages that are often polished, convincing and designed to create fear. 

“They may mention suspicious transactions, fraudulent debit orders, or account security issues,” he explained.

“The goal is not always to steal information directly. Often, it is to influence the person’s next action in a way that benefits the fraudster.” 

“We look for opportunities to protect clients in these moments by warning, delaying or blocking transactions where behaviour suggests a scam may be underway.”

Technology plays a significant role in preventing this type of fraud, and Capitec also invests heavily in malware detection and prevention.

“To date, our advanced malware prevention has protected over 500 clients and prevented around R31 million in losses,” Mgaga said. 

How South Africans can protect themselves

Mgaga explained that, while technical threats still matter, many of the biggest fraud risks today are behavioural.

“When too much focus is placed on technical compromise alone, it can create the impression that the main risk sits in hacked systems or infected devices. In many cases, the real attack is the interaction itself,” he said.

Mgaga suggested that South Africans take the following steps to protect themselves against fraud –

• Pause before paying a deposit for something you have not verified
• Be cautious of links sent by SMS or WhatsApp, even when they appear legitimate
• Walk away from investment opportunities or offers that begin in informal channels or promise returns that seem too good to be true

This advice can apply to deposit and marketplace scams, courier and bank impersonation scams via SMS and WhatsApp, and investment scams linked to crypto or deepfake-style platforms.

Mgaga said all of these scams rely on one thing – getting the victim to act before they stop and think. “In most scam situations, slowing down is not hesitation. It is protection,” he said. 

“In today’s fraud landscape, the strongest defence is not only technical. It is the combination of technology, insight and one critical moment of pause before trust is exploited.”