“These scams are increasingly difficult for customers to identify, as calls and e-mails appear to come from their banks’ legitimate contact details,” the bank said in a statement on Monday.
“With the rapid development of artificial intelligence, we have seen an alarming enhancement in spoofing techniques,” said the bank’s head of fraud risk management, Athaly Khan. “Current scams look and sound more real than ever before.”
Fraudsters are using AI to access advanced technologies such as voice cloning, deepfake videos, chatbots and AI-generated phishing e-mails. This makes consumer awareness more critical than ever, Khan said.
Spoofing is a deceptive tactic where criminals impersonate trusted entities, like banks, by manipulating caller ID or e-mail addresses to appear legitimate, the bank said. And it’s being combined with “vishing” scams, where criminals call customers using what appears to be a valid Standard Bank number.
“The call mimics the tone and structure of a genuine bank interaction, often including standard security questions and disclaimers. To build trust, scammers may reference personal details such as birth dates, addresses or account types. This information might seem harmless, but it is used to create credibility.”
‘Stay calm’
“Typically, the caller claims to be calling about a service offering or to validate detected suspicious activity on the customer’s banking profile, such as unauthorised changes to their contact details. Once panic sets in, they offer fake solutions such as asking customers to transfer funds to a ‘safe’ account, scan a QR code, click a link, or share sensitive information like one-time Pins or instant money voucher codes and Pin,” it said.
“Phishing e-mails appear to come from a legitimate e-mail from a bank employee and replicate the bank’s branding. These messages often use an urgent, threatening tone to pressure customers into acting quickly. For example, they may claim that accounts have been flagged due to KYC (‘know your customer’) or Fica compliance issues.
Read: Standard Bank joins forces with Checkers Sixty60
“Usually embedded in these e-mails is malware hidden in links, attachments, icons or QR codes. Clicking or scanning these elements can install harmful software on a customer’s device or redirect them to legitimate-looking fake websites designed to steal login credentials and card details. The e-mails typically impose tight deadlines, ranging from hours to a few days, to heighten anxiety and push immediate action.”
What not to do
Standard Bank cautioned its clients not to:
- Transfer funds to another account on instruction. Your bank can secure your funds without your involvement.
- Don’t generate instant money vouchers at someone else’s request. Authentication doesn’t require transactions.
- Don’t click links, icons, download attachments, or scan QR codes from texts or e-mails. Standard Bank doesn’t send these via digital communication.
It said bank clients should never:
- Share login details, card expiry date, CVV (three digits on the back of your card), OTP or ATM Pin.
- Disclose financial information like your investments or where you hold other financial products.
- Reveal your account details. You could unknowingly become a money mule.
“Fraud is widespread and constantly changing. Scammers use fear and urgency to manipulate victims. Stay calm, think critically, and always remember what not to do and what not to share,” Standard Bank said. — © 2025 NewsCentral Media
Get breaking news from TechCentral on WhatsApp. Sign up here.
Don’t miss:
Meet the CIO | Standard Bank Group’s Jörg Fischer – mission-critical IT