← Back to Security Hub

The Ultimate Guide to Preventing Scams in South Africa

As digital fraud becomes more sophisticated, staying informed is your first line of defense. This guide covers the most prevalent threats moving through South Africa today and how you can protect yourself in 2026.

🏦

1. Banking & EFT Scams

The most common banking scam in South Africa involves social engineering. Scammers often pose as bank officials claiming there is a "fraudulent transaction" on your account. Key Red Flags: • Being asked to install remote access software like AnyDesk or TeamViewer. • Requesting your One-Time Pin (OTP) or App Approval. • Urgency: Telling you that you must act "right now" to save your money.
👥

2. Facebook & Social Media Fraud

Facebook Marketplace is a hotspot for localized fraud. Sellers often request "deposits" for items that don't exist, or buyers send fake "Proof of Payment" documents. Key Red Flags: • Prices that are "too good to be true." • Sellers who refuse to meet in a safe, public place. • Profiles that were created very recently (check the "Joined Facebook" date).
📧

3. Email Phishing & BEC

Business Email Compromise (BEC) targets both companies and individuals. Scammers spoof the email addresses of lawyers, contractors, or even SARS. Key Red Flags: • Sudden changes to banking details for an invoice. • Emails from "SARS" regarding a refund that requires you to click a link. • Generic greetings like "Dear Valued Customer" instead of your name.
🌐

4. Website & Online Store Clones

Scammers often clone popular South African retail websites. They look identical but are designed to steal your credit card information. Key Red Flags: • Misspelled URLs (e.g., 'takeal0t.co.za' instead of 'takealot.com'). • Lack of contact information or a physical address. • Only accepting manual EFT or Crypto as payment.

🛡️ 5 Golden Rules for Safety

  • 01.Never Share Your OTP: No bank official will ever ask for your One-Time Pin or to approve a prompt on your app.
  • 02.Verify Before You Trust: Use CheckItSA's Website and Phone scanners to check any link or number before engaging.
  • 03.Enable 2FA: Always use Two-Factor Authentication (preferring apps like Google Authenticator over SMS) on all accounts.
  • 04.Check the URL: Always look at the address bar. If it's not exactly what you expect, close the tab.
  • 05.Trust Your Gut: If a deal or conversation feels strange, it probably is. Scammers rely on creating pressure.

Want to report a scam?

🚨 Report an Incident