Open my info

my finds

remove bookmarks
    You don't have any bookmarks saved. Click the star icon on a panel to add it to your bookmarks. Your bookmark has been saved. Bookmark removed.

    privacy & security

    fraudsters and identity theft

    Identity theft is a real threat to the security of your bank account. Imagine the damage someone could do if everyone thought they were you? 

    Banking on the go allows you to bank on personal devices (computer and cellphone), but that doesn't mean you can slack off when it comes to security. Identity theft is a real threat.

    Understanding identity theft

    Phishing, smishing and keylogging – there are many ways that fraudsters could initiate identity theft. As always, the best way to protect yourself and your cash is to understand what they are doing and how to prevent it. If you suspect you've fallen prey to identity theft, call us on 0860 10 20 34.

    Phishing and smishing

    What is phishing?

    Phishing is a form of electronic fraud where your personal details and banking info is collected and an attempt is made to access your account. Fraudsters can collect your info by telephone or electronic communication (e.g. email, SMS, MMS, fax etc.) in the following ways:

    • Asking for your user information (especially your password, token password and PIN)
    • Asking you to verify your user details or personal information (especially your password, token password and PIN)
    • Luring you to a fake Capitec Bank website using a link in an electronic communication like an email. When you receive an email, the fraudsters don't necessarily know that you bank with Capitec Bank. They send thousands of emails to random email addresses. The fraudster pretends to be from a legitimate company/institution and usually asks you for your confidential banking and personal info (PIN, username, password, token password, address, credit card info, etc.)

    What is smishing?

    Smishing is a form of phishing - the difference being that a fraudster sends you an SMS trying to collect personal information in different ways:

    • The fraudster might advise you that a bank official will be calling you to confirm your info, including any of your PINs (we'll never ask you for this info). A fraudster then calls you soon after sending the SMS
    • The fraudster might ask you to respond by SMS with certain personal information
    • Remember: Don't be fooled into thinking that the person sending the SMS or calling you is a Capitec Bank employee, even if they happen to have some of your personal information

    How to protect yourself

    We'll never contact you and ask you to verify sensitive personal or account information, PINs and passwords especially. We'll only ask you to verify banking or personal info (never PINs or passwords) if you call us. Please remember the following at all times:

    • Never give your personal details and banking information to anyone
    • Treat emails and pop-up windows asking for your personal details with suspicion
    • Treat emails that appear to be from Capitec Bank asking for personal details with suspicion
    • Don't follow any links in emails to reach our Internet Banking website. Always type our website address (www.capitecbank.co.za or https://direct.capitecbank.co.za/ibank/) to log in to Internet Banking
    • Treat any SMS advising you that a Capitec Bank employee will be contacting you to confirm your personal details or banking information, PINs or a transaction with suspicion
    • Never respond or reply to an email that:
      • Prompts you to enter your personal details directly into the email or submit this information in any other way
      • Threatens to close or suspend your account if you don't take immediate action by providing your personal details
      • Asks you to participate in a survey where you have to enter your personal details
      • States that your account has been compromised or that there has been third-party activity on your account and prompts you to enter or confirm your account information
      • Asks you to submit your username, password, token password, PIN or account numbers in an email or non-secure web page
      • Asks you to confirm, verify, or refresh your account or address details

    What if it's too late? 

    Contact us immediately. The more information you can give us the better.

    • Forward the email that you received to [email protected] and we'll investigate
    • Advise us of any smishing SMSs or phone calls requesting you to confirm personal details by calling us on 0860 10 20 43, visiting your nearest branch or emailing [email protected]. Provide details such as the number you received the SMS or call from and the date and time

    By bringing these cases to our attention, you may assist us in preventing fraudsters from committing further illegal acts. Remember to be alert and stay vigilant. Fraudsters are clever and constantly change their methods to get hold of your personal details and PINs.

    Keylogging or key-stroke logging

    What is it?

    Fraudsters sometimes attach small devices called keyloggers to computers. To install this device, they must gain physical access to your computer. A keylogger logs or records everything that you type on your keyboard which means that they will most likely obtain your username and password.

    Fraudsters also use sophisticated software called spyware to record the keystrokes on their victims' computers. This info is then sent to the fraudsters who analyse the data and identify possible username and password combinations.

    How to protect yourself

    • Make sure that no one has unauthorised access to your computer
    • Don't open suspicious or unfamiliar emails. Never click on attachments that you weren't expecting in an email
    • Only install licenced software on your computer from reputable vendors
    • Ensure that you have the latest version of antivirus software installed on your computer
    • Don't visit high-risk websites on computer/s that you use to access online banking. Examples of high-risk websites include pornographic and gambling sites and sites where software can be downloaded which is not associated with major or reputable software vendors

    What to do if you suspect identity theft

    • Contact the South African Police Service (SAPS) and report the matter. Keep a copy of the police report because we may ask you to provide it
    • Monitor your credit profile closely. Credit bureaus like TransUnion ITC allow you to access and review any changes in their credit profiles for a small fee, which includes email and SMS notifications if accounts are opened using your credentials
    • If your ID book is stolen, it might be a good idea to close your existing accounts to prevent any further harm and open new accounts
    • During the process of reporting identity theft keep copies of all documentation and communications. Take notes of telephonic discussions, including names, dates, times and comments. Ask all agencies you deal with to confirm the actions taken in writing
    • Find out from the police how you can track any criminal records that are posted to your identity and what you should do to ensure that it gets cleaned out once identified