A new scam is circulating online in South Africa where criminals pose as legitimate air travel representatives to gain access to people’s bank information.
This problem was recently highlighted by Discovery Bank, which issued a warning to its clients cautioning them to be wary of fraudulent airline advertisements on the internet.
This type of criminal activity is known as a remote access scam – a phishing attack that manipulates victims into giving the perpetrator access to their mobile devices and remote banking details.
Phishing is a form of internet crime where individuals trick their targets into revealing sensitive information using links that direct the person to a fraudulent website.
These attacks are typically conducted on a broad scale with the goal of reaching as many people as possible.
The hope is that casting a big enough net will result in at least a few individuals taking the bait, which is why these scams are often framed as ads on social media, where they can potentially get the attention of thousands of users.
The South African Banking Risk Information Centre notes that human interactions are usually the weakest link in a security chain, and that criminals aim to exploit this issue by posing as trusted sources.
The scam
In one of the cases highlighted by Discovery, the victim had been lured to a fake website via a social media post, which promised exciting flight opportunities.
Once on the site, the person is contacted by a scammer posing as a travel agent, who offers the victim further information about the advertisement they clicked on.
The scammer then attempts to convince the person to download a fake airline app to continue their travel arrangements.
Discovery warned that the illegitimate apps gives the criminals remote access to the user’s phone, allowing them to steal information log in details for various payment and banking services.
Once the scammer has gained access to the victim’s device, they instruct the person to log into their banking app to finalize a transaction, after which the phone screen goes blank.
At this point, the person has complete control over the person’s device and banking app, allowing them to make several transactions before the bank eventually blocks the account for unusual activity.
To avoid scams like these, the first step is to exercise caution and question when an advert looks too good to be true, said Discovery.
If an ad seems legitimate, the safe course of action is to book the flights through an official airline website or through a trusted travel agency.
Unfortunately, scammers try to mimic the look of legitimate websites to make the ploy more convincing, which makes this process much harder.
One measure you can take is to use a service like YIMA, which can verify whether a website’s URL is authentic.
It is also recommended that you never allow remote access to your device when screen sharing.
One final detail is to consider whether an ad uses pressure tactics like limited-time offers or urgent requests, as scammers use these methods to instil a sense of urgency where a person is less likely to double-check what they are doing.
Loading ...
