Standard Bank warns of new scams targeting South Africans who pay tax

Standard Bank has warned South Africans about a rise in fraudsters targeting taxpayers as the 2026 tax season begins. 

This is the continuation of a historical trend, where criminals become increasingly active around the beginning and then the end of tax season. 

They look to take advantage of emotional and rushed decision-making to gain access to personal data or steal funds. 

However, in recent years, the bank has noticed a significant change in criminal tactics to include new methods of scamming individuals. 

Standard Bank’s head of fraud, Marius le Roux, explained that criminals are increasingly using digital channels to impersonate SARS representatives. 

“We’ve seen many cases where fraudsters send bait communication through text, email, WhatsApp or phone calls,” Le Roux said. 

“The communication sent may claim that you have a tax refund, owe a tax penalty, or are being investigated for breaking tax laws.” 

Typically, fraudsters use these tactics to try to gain access to individual banking profiles, steal money directly, or trick individuals into sending them money. 

Standard Bank’s warning follows those from SARS itself about a rise in sophisticated scam emails and SMSes from people trying to impersonate officials from the revenue service. 

These communications are typically sent under subject lines such as “Settlement Notification” and “Final Demand” to put pressure on targeted individuals. 

They often demand immediate payment to play on the anxiety associated with dealing with SARS. 

This is partly driven by SARS’ own enforcement efforts, which have resulted in the taxman increasingly engaging with taxpayers to enhance compliance. 

Distinguishing between communication from SARS and criminals is becoming increasingly difficult, but it remains critical to avoid falling victim. 

This is especially true where communications appear legitimate, the wording is formal, and references to legal enforcement are made. 

However, the communication from fraudsters still offers some notable “tells” that indicate criminal activity is taking place. 

This includes but is not limited to grammatical errors, spelling errors, and incorrect citations of law. It is always best to reach out to the tax authorities for clarification before taking any action. 

How fraudsters steal your money

Standard Bank shared examples of how some of its clients have fallen victim to fraudsters around the beginning of tax season. 

These examples are the most common types of fraud to occur around this period, with criminals acting on elevated anxiety and stress to gain access to accounts or personal information. 

One of the most common types of fraud is an Extortion and ‘Secure Account’ Scam, where fraudsters contact individuals claiming there is a problem with their tax return. 

They also often claim that the individual could face legal action and send fake documents to make it appear legitimate. 

Once they believe you are convinced that the communication is legitimate, they will ask you to pay money to make the issue go away. 

In other cases, the criminals will give you a fake account number and say you must pay the money owed to SARS or move it to a ‘safe account’ while they investigate. 

Another popular type of scam involves a change of banking details, whereby fraudsters send you fake SARS banking details and claim you owe the taxman money. 

Typically, in this scenario, the fraudsters may also offer a discount if you pay quickly, hoping that you won’t take time to check the details. 

This is quite similar to another popular tactic, which involves the sending of fake messages with links, attachments, or QR codes. 

These messages ask you to click through to a website, download an application, or scan through to a different webpage. 

These links often contain malicious software that can be downloaded onto your device to give fraudsters access to the device and bankin gprofile. 

 Sometimes they redirect you to a fake SARS or Banking site, prompting you to capture sensitive information, such as your login credentials, One-Time-Pin, or card details.