Finance

SARS e-filing fraud warning for South Africans

Experts warned that South Africans should be on high alert for cybercriminals during the 2026 tax filing season, as scams are getting more frequent and convincing.

The warning comes as the South African Revenue Service (SARS) begins issuing auto-assessments from 1 to 12 July 2026.

Taxpayers who are not auto-assessed, or who need to amend their returns, can begin filing from 13 July, with the deadline for non-provisional taxpayers set for 23 October 2026.

SARS has introduced several improvements to its filing systems, which should make the 2026 season more efficient and accurate.

This includes enhanced pre-filled third-party data, a simplified tax return, WhatsApp delivery of assessment notices, and a new declaration alert questionnaire designed to reduce unnecessary verifications.

However, while the increased use of digital tax services should make e-filing more straightforward, it also presents an attractive opportunity for cybercriminals.

Speaking on Kaya Biz, Esset South Africa cybersecurity expert Lucas Molefe said tax season has effectively become “hunting season” for online criminals.

“The main reason why they do this is to make money,” Molefe said. “By getting the information of someone, it’s all about making money. We call this the hunting season for cybersecurity criminals.”

He explained that fraudsters know taxpayers are sharing highly sensitive financial information during filing season, making this one of the most predictable periods of the year for cybercrime.

“They are aware of one thing – eFiling is highly sensitive financial data that is being shifted and filled on digital platforms, and criminals love predictability.”

According to Molefe, the rapid advancement of artificial intelligence (AI) has significantly changed the quality of phishing attacks.

In previous years, scam emails and SMS messages were often easy to identify because they contained poor grammar, spelling mistakes, or other obvious errors.

“At first, phishing emails and SMSs were easy to pick up because of the grammar they used,” he said. “You’d find that they would misspell your name or misspell something.”

That is no longer the case. AI has not only made scams more convincing but also increased the number of cyberattacks.

“Ever since AI came, there was definitely a spike,” Molefe said. “What they have done is that it looks more authentic, but essentially it is just mimicking what SARS would call legitimate communication.”

He cautioned that these AI-generated messages are designed to closely resemble official correspondence from the revenue service.

This makes it much harder for taxpayers to recognise fraudulent emails, SMSs or WhatsApp messages before clicking on malicious links.

How SARS communicates with taxpayers

Molefe stressed that taxpayers should understand how SARS normally communicates, as this is one of the easiest ways to distinguish legitimate correspondence from scams.

SARS generally directs taxpayers to secure platforms such as their eFiling profile, official website, or mobile application, rather than asking them to complete sensitive actions directly via email.

“When they send you an email, they don’t tell you to do everything from your email,” he said. “It directs you to their website, which they are saying is secure.”

Molefe added that the revenue service has also invested in secure digital channels, including its own mobile application.

“I believe one of the reasons they released the mobile application was to make sure people are secure and to make sure there is no man in the middle trying to get your information,” Molefe said.

Molefe noted that SARS has also been working with banks to warn customers about current tax filing scam campaigns.

“Recently, I got a notification from one of my banks speaking about SARS-related scams that are happening. That is actually SARS communicating to the bank, making sure that users understand how dangerous this can be.”

The biggest mistake taxpayers make

According to Molefe, the biggest advantage scammers have is not necessarily technology but psychology. “The biggest mistake is that we like to react quickly.”

During tax season, many taxpayers expect communication from SARS, whether about filing deadlines, refunds or outstanding tax matters. Scammers exploit those expectations by creating a false sense of urgency.

“They deliberately use psychological triggers,” Molefe explained. “They’ll promise an unexpected tax refund or create panic about a pending audit.”

The goal is to pressure taxpayers into clicking a malicious link or handing over login credentials before taking time to question whether the communication is genuine.

“They want you to feel the pressure to click on the link or give away your login details before you have a chance to step back and think, ‘Is this really legitimate? Is this really from SARS?'”

Interestingly, Molefe explained that the taxman’s automation of e-filing has also made taxpayers more vulnerable.

With SARS increasingly pre-populating returns and issuing automatic assessments, many people assume any message referring to an automated refund must be genuine.

“You get an email saying, based on the automation, we owe you this amount, and you’re going to want to see that amount.”

Molefe explained that the most effective defence taxpayers have against scams is simply to slow down.

Rather than reacting immediately to messages about refunds, audits or outstanding tax payments, taxpayers should verify the communication through SARS’ official channels before taking any action.

“It’s very important to look at things and not allow scammers to emotionally manipulate people,” he said. “That’s what they rely on.”

Newsletter

Top JSE indices

1D
1M
6M
1Y
5Y
MAX
 
 
 
 
 
 
 
 
 
 
 
 

Comments