TymeBank has issued a critical warning to consumers regarding a sophisticated phishing scam that is exploiting this tax change as South Africa braces for the imminent VAT increase set to take effect on 1 May, Cape {town} Etc reports.
Fraudsters are actively preying on unsuspecting individuals, tempting them to reveal personal information under false pretenses tied to impending changes in value-added tax.
Head of Operational Risk and Fraud at TymeBank George Wandsella, emphasises that the scam is not only targeting the bank’s customers but extends to anyone with an account or subscription where VAT is applicable.
‘This includes mobile service providers, retailers, healthcare service providers, and similar businesses,’ he explains, highlighting the broad spectrum of potential victims.
The fraudulent notifications mimic legitimate communication, creating a deceptive sense of urgency that entices users to click on links labelled with phrases such as ‘learn more,’ ‘see updated charges/fees,’ or ‘verify your account.’
‘However, these links direct users to phishing websites meticulously designed to harvest login credentials and other sensitive data,’ Wandsella said.
Wandsella added that this concerning trend underscores the increasing threat posed by opportunistic cybercriminals, particularly during key periods such as holiday seasons and tax filing times when many individuals are preoccupied and less vigilant.
Wandsella urges consumers to remain alert, insisting on a proactive approach: ‘TymeBank has zero tolerance for fraud and is unwavering in our commitment to protect our customers. We urge them to be cautious and to stop and think before they click.’
Phishing and vishing are tactics commonly employed by cybercriminals, where attackers impersonate trusted institutions often banks to trick victims into revealing their personal or financial details, including passwords, card numbers, or one-time passwords (OTPs).
‘Such scams can manifest through various channels, including emails, SMS messages, or counterfeit websites disguised as genuine services,’ Wandsella stated.
TymeBank reminds customers of the following essential security practices:
- Never share personal passwords, PINs, or OTPs. TymeBank—and all reputable banks—will never request this information via phone, email, or SMS.
- Use biometric authentication, such as fingerprint or facial recognition, on your banking app to enhance account security.
- Pay attention to unexpected loss of mobile signal, SMS delivery issues, or unfamiliar SIM notifications. These may indicate a SIM swap. Contact your mobile provider immediately and notify TymeBank if you are a customer.
- Even if the caller ID appears to show your bank’s number, remain cautious. Fraudsters can spoof numbers to look legitimate. Hang up and call the bank using verified contact details.
- Keep your smartphone’s operating system and banking app updated to the latest version to benefit from security enhancements.
- Check your transactions regularly and enable real-time notifications to spot any unusual activity quickly.
- If you receive a suspicious or high-pressure call, SMS, or email, end the interaction immediately and report it to your bank directly.
- Scammers often create a false sense of urgency. Always take time to verify requests, no matter how urgent they seem.
Also read:
Picture: TymeBankZA / Facebook
