Important bank card fraud warning in South Africa
Nedbank is disabling card swipe transactions at toll gates due to widespread fraud. It released a fraud alert, explaining that due to ongoing debit card fraud, debit card swipe transactions at toll gates were disabled from 20 January 2025.
Its customers can still use credit cards, garage cards, cash, or tags to pay the nation’s toll gates.
“Toll gates are in the process of being converted to tap functionality, and those already enabled will accept contactless debit, credit cards and smart devices linked to contactless payment apps,” Nedbank said.
Although Nedbank failed to explain what fraud occurred, previous reports suggest card cloning occurs frequently at toll booths along the nation’s highways.
A major toll road operator has also banned all debit card payments due to the high incidences of fraud.
Loyiso Boyce, MD of Clyrofor, explained on the Kaya Biz podcast that this type of fraud can occur due to the magnetic stripe (magstripe) on debit cards.
Criminals target the magstripe during swipe transactions since it allows them to copy or detect sensitive card information.
Boyce highlighted that magstripe fraud is not limited to toll gates; it also occurs at ATMs, retail stores, and any location where cards are swiped. Toll gates are particularly vulnerable due to the low transaction amounts.
Fraudsters exploit small, frequent transactions. When victims notice suspicious activity, several transactions may have already gone through, totalling a few thousand rand.
“What these threat actors look for allows inactivity. One of our biggest times of activities around December,” he said.
“Because threat actors know that most people have gone on leave, problems aren’t going to be picked up until after a few days.”
This gives criminals more time to cover tracks and prevent detection. Another factor is that small amounts are less likely to trigger concern, Boyce noted.
For example, if R50 is deducted, people might overlook it because they’re busy driving or in a meeting. Fraudsters rely on this inattentiveness.

To combat such threats, forward-thinking banks have implemented tap-and-pay technology and chip-based cards, which provide enhanced security.
According to Boyce, while the current focus is on toll gates, the issue underscores a broader need to remain vigilant about card security in all transaction environments.
Boyce explained that while the methods may vary, the core principles behind the scams remain the same.
Similar issues have surfaced in the past, such as fraudulent debit orders under R99.
“They’re looking for different avenues, but they’re exploiting the same human condition: busy, it’s small, not going to pay attention.”
Timing is critical for this kind of crime since fraudsters know that people are less likely to pick up small transactions during month-end, for example, when people are getting a lot of other payment notifications.
Essentially, they are able to hide these small fraudulent transactions in the noise.
Boyce compared these tactics to subscription scams, where tiny amounts, such as 30 cents a day, are deducted over time.
While you may not notice it in the short term, these small amounts can really add up in the long term.
This focus on timing is also a common feature across several types of fraud, including phishing and other digital scams.
Phishing emails often take advantage of events like Black Friday, posing as trusted retailers offering discounts to lure victims into sharing sensitive information.
Similarly, fraudsters use automated voice messages, claiming people qualify for loans or insurance, to exploit breached personal data.
Boyce said that these scammers may use data from past breaches, such as your name, payment history, or debit order amounts, to craft convincing messages.
For instance, a victim might receive a personalised message saying, “Hi, we’ve noticed your monthly debit order of R800. Press 1 to receive a 40% discount.”
However, by pressing the button, victims unknowingly fall into the fraudster’s trap.
Comments