Update

GEORGE NEWS - The owner of a local cleaning company, Spotless Cleaning Services, was refunded in full by Absa bank after she fell prey to an internet banking scam on Tuesday 27 November.

Lindi Nortje from George was scammed out of R8 000 in a matter of minutes after she followed telephonic instructions to log into her banking app. Unfortunately it wasn't the bank's fraud-busting unit on the line, but a wolf in sheep's clothing, and the fraudster proceeded to make two withdrawals of R4 000 each.

The scammer phoned Nortje after sending her an SMS pretending to be Absa saying that she had logged in to her banking app. She was not doing banking online and when the conman phoned, asking her to log in to her account to stop a fraudulent debit order from going through, she did as she was asked - with disadtrous consequences.

Scam method
Cyber security expert Prof Rossouw von Solms says in this instance the scammer could have used one of two methods. "Seeing that he got the victim to log into her banking app immediately, they could have used a key logger virus to identify her pin and password. Another possibilty is that her icon was hacked, taking her to a fake site to capture her security passwords. People often store addresses they regularly use in their browser, giving fraudsters a golden opportunity to hack the icon."

Von Solms says Nortje, who is too scared to use internet banking again, must have her device checked for malware.

Full refund
According to Ally Mafunzwaini, head of Absa Fraud Solutions, Retail and Business Banking SA, the bank's investigation indicates that their internal controls, designed to secure the account, were not compromised.

"The customer was unfortunately deceived by an unknown party into compromising the "keys to the safe". 

The unique circumstances of this case, Absa's customer centric approach, and our Digital Warranty (market-first solution) were contributing factors to Absa's decision to refund Ms Nortje in full. Our decision has been communicated to Ms Nortje who was very pleased with the positive outcome," Mafunzwaini said.

'Keyes to the safe' are key
Mafunzwaini said fraud is fuelled by ever-evolving social engineering methods. "We continuously make substantial investments to safeguard our customers. The industry noted an upsurge in social engineering and in fraudsters who use personal data from data breaches to impersonate banks with the sole purpose of deceiving customers. 

"Successful fraud prevention requires all parties (banks, customers and the industry) to play their respective roles in full. Customers should never share their "keys to the safe" - card PIN, card CVV, card OTP, online PIN, online password and online authorisation. 

"If an Absa customer is contacted to share 'keys to the safe' or asked to approve transactions, the customer must drop the call immediately and contact the Absa Fraud Hotline. 

"Absa online banking is one of the safest ways to bank and the bank encourages our customers to adopt the latest mobile bank application. We are so confident in our mobile bank application that we back it with a free digital warranty."

In the case of any doubt, customers are requested to immediately contact Absa Fraud Hotline on 0860 557 557 or use the mobile banking application "Report Fraud" option.

Read a previous article: Watch out for scam

'We bring you the latest George, Garden Route news'