What is vishing?
Vishing is when fraudsters use social engineering skills to manipulate you. Their goal is to convince you that they are calling from your bank or service provider.
Fraudsters will use various tactics to gain your trust, either to get you to share personal information (such as your secret PIN) or to instruct you to approve and/or process certain transactions under the pretence of preventing fraud against your account.
How vishing syndicates operate
A fraudster phones their victim claiming that they are from Capitec Bank’s Fraud/Forensics department. The fraudster may already have some personal information and use it to convince them that they are who they say they are. They state that there are fraudulent debit orders or activity on the victim's account that must be stopped.
Scenario 1:
Fraudster: “Good day, Mr/Ms Client, this is Peter from Capitec's Fraud department. We have detected fraudulent activity on your account, and the fraudsters are emptying your account as we speak. Do not panic; I am here to assist you to prevent further losses. Just work with me as time is of the essence!”
Client (shocked): “Oh no! What must I do?”
Fraudster: “To safeguard your money, we must transfer it to a holding account at Capitec until your account is safe. To do this, follow my instructions: open your Capitec Bank app, tap on 'Add beneficiary', enter this account number… Now transfer all the available money to this account.”
Client: “OK”
The person has just transferred their money into the fraudster’s bank account.
Scenario 2:
Fraudster: “Good day, Mr/Ms Client, this is Peter from Capitec's Fraud Department. Are you aware of the R50 000 debit/stop order loaded on your account to Company X in the UK?”
Client (shocked): “No, I don’t have any such debit or stop orders!"
Fraudster: “Don’t worry, I am here to help – just follow my instructions carefully! Please provide me with your Remote Banking PIN and approve the login."
The fraudster then logs in to the client’s Internet banking profile and asks the client to approve the login on the Capitec Bank app. Once logged in, the fraudster creates a beneficiary and transfers money with the help of the victim, who approves the in-app notifications on the Capitec Bank app.
Protect yourself and your money
Criminals work hard to trick you into sharing personal information with them, but there are ways to avoid falling for their scam:
- Never share your username, passwords or secret PINs with anyone – we will never ask for this information
- Never sign in to remote banking platforms (e.g. Internet banking or cellphone banking app) based on an instruction given over the phone
- Always read the pop-up notifications from your banking app or Internet banking before you approve a transaction or enter your secret PIN
- We will never ask you to transfer or reverse money out of your account
- We will never ask you to approve a pop-up notification or create a beneficiary on your account
- If something looks or feels suspicious, hang up
Report a suspicious call
If you feel you've received a suspicious call, immediately call our 24hr Client Care Centre on 0860 10 20 43. Never call the number that called you back as fraudsters divert these numbers to legitimate Capitec contact numbers or use Capitec's automated call recordings.
