How to avoid phishing emails from South African banks

For the first 8 years of my professional career I specialised in information security, or Internet security, working for various ISPs and banks in South Africa, England and the United Arab Emirates. The particular focus I had was looking after the network security and managing the firewalls. So for the most part my work was extremely technical and I implemented many security systems, from the smallest companies to very large corporates. At some point I worked for Deloitte and gained an appreciation for auditing computer systems, ethical hacking as well as producing management reports assessing the major risks of the computer system in terms of the business imperatives. I met many weird and interesting characters who were either black hat or white hat hackers over the years. One of them is a very good friend who shall remain unnamed and once hacked into the company that hosts the email and websites for the ANC, Cosatu and the SACP.

Anyway, the phishing emails, which are now common from local South African banks, came through from international banks as far back as 5 years ago. Back in 1997 I worked for Internet Solutions, which implemented both Nedbank and First National Bank’s Internet banking products, and this gave me the inside scoop like nothing else. I immediately adopted online banking, being a long-term client of FNB because my mother worked for them for the last 32 years. As a long-time user of online banking I have seen various trends come and go, but this phishing trend is only growing bigger and more pervasive. And I can say with 100% confidence I’ve never been duped into following up on phishing requests. It’s really simple for me: because I have 15 years of experience on the Internet, I can recognise these fake emails a mile away. How do you recognise these phishing emails from your local South African bank?

First National Bank South Africa phishing email

Firstly these emails are coming through much more frequently than your bank bothers to communicate with you. If banks only began communicating with educational marketing messages they could have avoided some of the embarrassment they have since faced.

The basic thing to do here is to look at the link for the website. Even though the link text above said www.online.fnb.co.za, the actual link would be more like http://somespammerwebsite/fnb. What you need to do is check whether the link address (shown while hovering your mouse over the underlined, linked text) is the same as your bank’s actual website domain, e.g. fnb.co.za, absa.co.za, nedbank.co.za or standardbank.co.za!

I have also noticed phishing emails coming from Investec and other financial services companies, NOT just the banks.

When you’re in doubt, delete all such email requests. An even better solution is to use your email software, like Microsoft Outlook, Mozilla Thunderbird or Gmail, to mark them as spam, if the email software has not done so already. Finally, I highly recommend you read up on the consumer advice from the Anti-Phishing Working Group and apply all the same to your South African Internet experience.

 

Author: RJ Thomas

RJ Thomas is an International Relationship Builder. He was born in South Africa, and moved to China in 2013.

  • People should not click through from inside the email itself but instead visit the website manually.

    Of course – getting people to follow that rule is nearly impossible because it’s *more work* than clicking through.

    That’s the key with security – it needs to be easier than non-secure alternatives, or it’s useless.

    I run an online password manager, so keeping security usable is top of mind for me. We offer a 1 Click Login button that helps our users be less susceptible to phishing: if the URL address of the site does not match the one memorized in PassPack, you will not be logged in.

    It’s easy, so they use it.

    Here’s 1 Click Login in action:
    http://tinyurl.com/37b6cw

    Cheers,
    Tara Kelly
    PassPack Founding Partner