<\/p>\n
\u00a0It’s that time of the year when our mailboxes are infiltrated by messages from SARS and we start making sums and filling out forms. Unfortunately elusive cyber criminals also know that this is the perfect time to prey on our gullibility.<\/p>\n
So it’s most likely that you will be receiving (if you haven’t already) a so-called e-mail from SARS asking you either to verify your information or to let you know that a much-welcomed amount has been paid into your account. (see example below) Don’t get excited – it’s not really SARS.<\/p>\n
Clicking on the hyperlink in the email takes you to a fake \u201ce-filing\u201d site that has hyperlinks for the four big South African banks and instructions to log on to your Internet banking site for \u201cconfirmation of your details\u201d.\u00a0 When you follow the Nedbank link (as an example), you are taken to a copy of the Nedbank internet banking site that asks for profile, pin and password.\u00a0 Supplying these takes you to a second page that asks you for your mobile number.\u00a0 Submitting information on this page takes you to a page that requests the reference number sent to your cellphone.<\/p>\n
Do not authorise any\u00a0cellphone message that comes through if you end up in the above situation.\u00a0 Furthermore, do not click on any hyperlinks in emails or divulge your account or mobile number details to anyone over the phone or via email.\u00a0\u00a0Banks will never ask you to access internet banking through a link in an email, neither will banks ever ask for your mobile number when you access internet banking.<\/p>\n
Look out for the following tell-tale signs:<\/p>\n
– \u00a0when you move with your pc’s mouse over the link, it won’t be the official, correct web address
– \u00a0the e-mail isn’t addressed to you personally – your name isn’t mentioned anywhere
– \u00a0the address it was sent from is a generic one that doesn’t exist
– \u00a0there is no reference or account number
– \u00a0no contact person is mentioned<\/p>\n
If you’re unsure, rather go directly to the SARS e-filing web site (type in\u00a0http:\/\/www.sarsefiling.co.za\/<\/a>)\u00a0and see if there were any payments made to your account.<\/p>\n ———————————————————————————————–<\/p>\n From:<\/b>\u00a0Sars Efiling <message@sars.co.za<\/a>> We have filed your return and made a deposit of R3,650.80 into your account.<\/p>\n Confirm your filing<\/b><\/a><\/p>\n This is an automated email, replies sent to this address will not be received.<\/p>\n Sars eFiling<\/strong><\/p>\n <\/p>\n <\/p>\n Dis weer die gevreedse tyd van die jaar wanneer ons posbusse geinfiltreer word deur boodskappe van SARS en ons paniekerig begin sommetjies maak en vorms invul. Ongelukkig besef die bedrieglike kuberkriminele ook dat dit die perfekte tyd is om misbruik te maak van mense se goedgelowigheid.<\/p>\n Die kans is dus goed dat jy binnekort (indien jy nie reeds het nie) `n sogenaamde e-pos van SARS sal ontvang wat jou vra om jou inligting te verifieer of om jou te laat weet dat daar vir jou `n gawe bedraggie in jou rekening inbetaal is. (sien voorbeeld onder) Moenie opgewonde raak nie – dis nie SARS nie.\u00a0<\/p>\n As jy kliek op die skakel, neem die e-pos jou waarskynlik na `n vals “e-filing” webwerf wat skakels het na vier groot Suid-Afrikaanse banke en instruksies om aan te teken op deur middel van internet bankdienste om jou details te “bevestig”.<\/p>\n As jy (byvoorbeeld) die Nedbank-skakel volg, word jy geneem na `n kopie van nie Nedbank internetdienste webwerf wat vra vir jou profiel, pin en wagwoord. \u00a0As jy hierdie inligting verskaf, word jy geneem na `n tweede blad waar daar vir jou selnommer gevra word. Deur die inligting te verskaf, word jy weereens na `n volgende blad geneem wat versoek dat die verwysingsnommer na jou selfoon gestuur word. \u00a0\u00a0<\/p>\n Moet onder geen omstandighede enige magtiging gee per selfoonboodskap as jy in bogenoemde situasie beland nie. Moet ook nie kliek op enige skakels in e-posse of rekeningbesonderhede of selfoonnommer-details aan enigiemand verskaf per e-pos of telefonies nie.<\/p>\n Kyk uit vir die volgende:<\/p>\n – \u00a0as jy met jou rekenaar se muis oor die skakel beweeg en dis nie die amptelike adres nie. Indien jy twyfel, gaan eerder na SARS se eie e-filing webwerf (tik\u00a0http:\/\/www.sarsefiling.co.za\/<\/a>\u00a0in) en gaan kyk of daar inderdaad vir jou ‘n inbetaling is.\u00a0<\/p>\n ———————————————————————————————–<\/p>\n
Date:<\/b>\u00a030 July 2013 19:37:38 EDT
To:<\/b>\u00a0<fakeaddress@sun.ac.za<\/a>>
Subject:<\/b>\u00a0You have a new transaction message<\/b><\/p>\n
– die e-pos is nie aan jou geaddresseer nie – maw jou naam word nerens in die e-pos genoem nie.
– die adres waarvan dit gestuur het, is `n generiese adres wat nie bestaan nie.
– daar is geen verwysings- of rekeningnommer nie.
– \u00a0geen kontakpersoon word genoem nie.<\/p>\n