Get more Mail & Guardian
Subscribe or Login

Phishing can cost you, big time

Sitting at your desk doing internet banking may make you feel safe. After all, it is not a bank, where someone can steal your bulging wallet when you step outside. But that friendly email claiming to be from your bank and asking you for your details could cost you and you alone.

If you fall foul of a phishing scam and give away your details because of your own negligence, banks are probably not liable, according to Aslam Moosajee of law firm Norton Rose.

Phishing is when fraudsters masquerade as a legitimate organisation, such as a bank. They create fake websites or send emails that appear to be from the organisation. Usually these ask customers to re-submit their personal and banking details, such as ID, pin and account number. If the customer does this his or her details are used to take money out of the account. International cyber security company Symantec says one in 319 emails worldwide is some sort of phishing attack.

Moosajee said a ruling last year in Nashua Mobile vs GC Pale CC showed the way for banks not to be liable. In this case Pale tried to sue Nashua after R160 000 was transferred illegally from its bank account. It blamed Nashua because someone performed a “SIM-swap”, which allowed the person to get the details of someone in the organisation and, therefore, the banking details.

This form of phishing occurs when someone manages to convince a cellphone company that he or she is another person. The phisher gets a copy of the person’s SIM and acts in his or her stead, taking all other information.

The chief executive of Absa, Gavin Opperman, said this scam is on the rise in South Africa.

Pale lost its case and Moosajee said what emerged from the ruling was that banks are not liable in cases like this. Instead, the customer’s “negligence” was blamed by the court, he said.

He said the courts understand that banks are doing “a lot to improve security”. As a result he did not know of any cases where a bank was held responsible. The ruling has not been tested.

Bongani Diako, spokesperson for the South African Banking Risk Information Centre, said his organisation is also “not aware” of any court cases where banks have been held liable for phishing.

In some cases, he said, banks have compensated victims.

Opperman said customers “should educate themselves” so that they can avoid such scams. This is the time of year when they start escalating, he said.

A report by Norton internet security earlier this month found that 84% of South Africans who are online have experienced a cyber-crime in their lifetime. The global average is 69%. And, although phishing is not the largest part of this, it is one of the most harmful.

Norton also found that the blame for this might lie with outdated security software — 24% of online South Africans are running old programmes.

Banks have reacted swiftly to phishing attacks in the past.

Last month Absa suspended all credit card payments to EasyPay, an online payment portal, because a third of all transactions had been fraudulent.

It was reported that R500 000 was returned to customers. Absa said it is investigating how much in total was stolen.

Although banks are safe from liability, Moosajee said he thought there was a chance of this being challenged under the Consumer Protection Act.

Subscribe to the M&G

These are unprecedented times, and the role of media to tell and record the story of South Africa as it develops is more important than ever.

The Mail & Guardian is a proud news publisher with roots stretching back 35 years, and we’ve survived right from day one thanks to the support of readers who value fiercely independent journalism that is beholden to no-one. To help us continue for another 35 future years with the same proud values, please consider taking out a subscription.

Sipho Kings
Sipho Kings is the acting editor-in-chief of the Mail & Guardian

Related stories


Subscribers only

Zuma has ‘lost trust’ in his lawyers in bitter 11th-hour...

The former president is looking for new pro bono legal counsel to defend him on arms deal charges, on the brink of the matter going to trial after 17 years

Q&A Sessions: For Mosadi Mahoko, plastic surgery isn’t glamorous, ...

Plastic surgeon Dr Mosadi Mahoko reflects on the less glamorous aspects of her job, winning the prestigious Jack Penn award and why she loves the sea

More top stories

Modack’s defence tells state to get its act together

The state’s case against Nafiz Modack and co-accused has been transferred to the Blue Downs regional court over security concerns

‘Who will feed my children if these powerships chase the...

Final EIAs for controversial Karpowership projects submitted to environment minister Barbara Creecy

‘Don’t panic’ about India Covid variant

Scientists in South Africa say there’s no evidence that the B.1.617 is worse than our local variant

Editorial: Covid-19 vs ANC palace politics

Our way of life is still far from finding its “new normal” and we aren’t getting any closer, while palace politics once again take centre stage as we head to October’s local elections

press releases

Loading latest Press Releases…