Rise in phone scams – what to look out for and how to stay safe

Over recent weeks, we’ve seen a noticeable increase in fraudulent phone calls where criminals impersonate trusted organisations to trick you into sharing sensitive information (or even make payments). This is called vishing.

What makes these recent attempts particularly convincing is that they appear to include limited, but genuine, information about you. This combination makes the calls sound far more genuine, so extra vigilance is essential.

What’s happening?

In recent cases, criminals are:

• • Calling Nedbank Private Wealth clients – referencing real recent payments, scheduled transactions or beneficiaries.
  • Quoting genuine personal details (where the criminal has intercepted emails / correspondence or accessed previously leaked data).
    • Creating a sense of urgency by claiming:
    • A payment has been blocked
    • An account is at risk
    • Additional verification is required to “protect” funds
    • Suspicious ‘log ins’ have been identified in a different location
  • Pressuring clients to:
    • Authorise a “test payment”
    • Share security codes or one‑time passcodes (OTPs)
    • Add or amend beneficiaries

These details are used to build credibility — making the victim believe the call is legitimate.

What these fraudulent calls sound like

 Client’s report calls where the fraudsters:

• Claim to be from the Fraud, Security or Payments Team
• Reference a “suspicious transaction” or “unusual login” abroad
• Insist you must stay on the line and cannot call back
• Ask for passwords, PINs, card details or OTPs
• Urge you to “reverse” or “verify” a payment

The calls are highly professional and importantly, convincing, often using:

• Background call‑centre noise
• Scripted verification questions
• Spoofed telephone numbers (so the caller ID appears legitimate)

What you should do immediately 

1. Treat any unexpected call about payments as suspicious

Even if the caller knows personal details or previous transactions — this does not mean they are genuine.

2. Never share security information

We will never ask for:

• Full passwords
• PINs
• Full OTPs – we may ask for specific digits, but NEVER the full code
• Card details
• Names of authorised signatories 

3. End the call and independently verify

If you’re unsure:

1. Hang up the call.
2. Wait at least five minutes (fraudsters can hold the line open).
3. Call your bank using the number shown on their official website or the back of your bank card.

4. Do not approve transactions you did not initiate

If prompted to approve a payment you didn’t set up — decline immediately. 

5. Be especially cautious if your email was recently compromised

If you:

• clicked suspicious links
• replied to a suspicious email providing personal details
• experienced an email mailbox takeover

Assume fraudsters may now attempt a follow‑up attack – potentially via phone.

How to protect yourself from both email fraud (phishing) and telephone fraud (vishing) 

We strongly recommend:

• Use strong, unique passwords for email and banking
• Enable multi‑factor authentication wherever possible
• Regularly update passwords and PINs
• Be cautious of urgent or high‑pressure communications
• Do not click links in unsolicited emails or texts
• Verify all unexpected contact independently
• Treat social‑media‑based financial promotions with extreme caution

Summary

Fraudsters are becoming more sophisticated by combining data stolen through phishing with convincing, high‑pressure vishing calls. Taking a moment to pause, verify and never share security information remains your strongest defence.

If you’re ever unsure, hang up and call us directly.