Beware: cybercriminals are capitalising on Absa's brand refresh
In a phishing email sent to South Africans, criminals are trying to capitalise on Absa's brand refresh to scam unsuspecting users.
The email purports to come from the desk of Absa CEO Maria Ramos, and customers are encouraged to click on their “New Absa e-statements” in PDF format, which is actually an HTML file that takes them to a phishing attack website.
Cybercriminals such as these employ increasingly sophisticated methods to access customer internet banking information and email phishing scams are but one of the methods they use.
© JavadR via pixabay.com
Absa reminds the public that it will never ask customers to provide their pin number or account login information either electronically or telephonically.
Absa will also never contact its customers to provide sensitive information such as card pin, card CVV or online banking password, nor request access to online banking profiles via hyperlinks or attachments provided in an email.
Users should never respond to a suspicious looking email or message, or click on a link in a suspicious looking email, but rather delete the email or message.
Useful tips to safeguard your personal information
Your pin and online banking password is your personal key to secure banking. It is crucial to keep it confidential.
- Never write down your pin or password or disclose it to anyone.
- Change your pin and password as often as possible.
- Do not use your birth date or birth year as a pin number, as criminals may have access to this personal information.
- Memorise your pin and password: do not write it down or save it on your cell phone.
- Cover your hand when typing in your pin when using an ATM or POS device or using the banking app or online banking in a public space.
It is vital that customers are aware of some measures they can take to make protect themselves from phishing scams:
- Always keep your personal access information secure, and change your pin and passwords regularly.
- Never open a link or an attachment within an email claiming to be from Absa as this may link to a fraudulent website or download a virus or keylogging software that will compromise your security.
- Do not disclose your secret access credentials to any third party, as this will allow them access to your online profile.
- Be aware that phishing scams have also been received through instant messaging systems such as GoogleTalk or Skype; as well as through social networking websites such as Facebook. When in doubt of the authenticity of a link or a claim, simply don’t click it and delete the message.
- Install good quality security software and ensure that you have updated to the latest version of your browser. Most of the newer browsers have the inherent ability to detect fraudulent websites.
- Don’t bank or shop online when using public Wi-Fi such as those found in internet cafes, hotels, coffee shops, airports or student labs. Key-logging software could be present on the computer and will send all your personal information through to the fraudster, who could then use this information to clear out your account.
- Before you bank online, ensure that you are actually within the secure internet banking website. Once you visit your bank's website and click on the internet banking link, you will be redirected to an available banking server. Once there, check the browser address. It should begin with ‘https://’ (not ‘http://’) – the ”s” indicates it is a secure site.
- Also check the browser for a closed lock and/or key icon – which should either be at the top or the bottom of the screen.
- When leaving your computer, always end the current session by closing your browser window, and never leave your computer unattended during an internet banking session.
If you believe that you may have fallen victim to a phishing email or a vishing call, contact the Absa Fraud Hotline immediately on 0860 557 557 to alert the bank.