Beware of fraudulent emails stating “Keith Wallace made an online funds transfer to your account”. Please don’t click on the link in the email.
Protecting yourself from fraud
Helping you to stay safe online
Advice on how to keep your identity, computer and money safe while using the Internet
What should I do if I've fallen victim to fraud on my Investec accounts?
Contact us immediately if you think you are or may be a victim of fraud on your Investment Account, Investec card or Bank account.
We take online security very seriously
We place the highest priority on your online security; however you need to take some basic precautions when using the Internet and banking online, to protect your identity, your information and your finances.
What we are doing to protect you
We place the highest priority on the confidentiality and security of your financial information and transactions and are constantly reviewing our infrastructure and security measures, such as firewalls and encryption technology to ensure they’re up to date and meet our stringent security requirements.
We invest significant resources in maintaining the security of Investec Online Banking, some of them are detailed below:
Data encryption
Our Online Banking service is hosted on a secure, 128-bit encrypted server. This means that any information you send us is encoded for your protection.
Timed log out
Online Banking logs you out if you don't use the service for 10 minutes. This gives you added protection if you forget to log yourself out.
Deactivation of your login details
We'll automatically disable your access to Online Banking if three incorrect attempts are made to log in using your details. This is to stop fraudsters making repeated attempts to get into your accounts.
Shopping on line
Verified by Visa, which we provide in association with Visa, protects your cards against unauthorised use when you shop online at participating retailers. When you buy something in a shop using a Investec Card, you validate the transaction by entering your PIN or signing a receipt. Verified by Visa mimics this process online by providing a digital receipt that you authorise using a password.
Travelling abroad
If you're planning to travel, it's best to let us know in advance. This helps avoid problems with using your cards and accounts overseas, as well as helping to protect you from fraud while you're away.
'Traffic lights' - extended validation certificates
If you use one of the more recent Internet Browsers, when you log in to our online banking service, the address bar (which starts with 'https://') will turn green. It's an extra way of helping you check that a website is safe, secure and trustworthy.
What you need to do to protect yourself
To stay secure, please read the following recommendations for best practice online security options:
Install a personal firewall product
Hackers can infect home computers by connecting to your computer while you’re surfing the internet. The best way to protect your computer from unauthorised connections from the internet is to install a personal firewall. There are several options on the market, some of which are free.
- McAfee
- Symantec
- Zone Labs
The firewall sits between your computer and the internet and acts as a security guard, restricting what can enter and leave your computer.
At first, the firewall may ask you what you want to allow in or out of your computer. However, it soon learns to make these decisions independently, based on the decisions you make early on. The most important point is never to allow anyone else to connect to your computer.
Regularly use an antivirus product, and keep it updated
These products can also scan for spyware and adware.
The most common way to receive a virus is through an attachment to an email. Attachments may appear to be word documents, spreadsheets or pictures but often contain malicious viruses. If you use email at home, you should use an anti-virus product to protect yourself and never open an attachment that has not come from a trusted source.
There are many anti-virus products and some are available for home users free of charge:
- AVG
- Kaspersky
- McAfee
- Symantec
- Zone Alarm
With any anti-virus product, it’s important to keep it up to date, so to protect against new viruses that are released. Most commercial products (such as McAfee, Kaspersky and Symantec) have a mechanism to update themselves automatically. The free products typically need to be updated manually.
The anti-virus product should also be scheduled to scan your computer regularly in order to detect and clean out any viruses.
Do not open unsolicited emails with attachments
These may contain a virus. Also, if you receive an unwanted email saying "reply to unsubscribe", ignore it. Senders can use this to confirm your email address is valid - and are then likely to send you more emails.
Review your “Sent items” folder
If it contains messages that have been sent without your knowledge, your computer may have a virus or may have been compromised
Update your operating system (Windows, Mac) and browser (Internet Explorer, Firefox, Safari)
Make sure your computer software has all the necessary security updates available from the vendor. It’s best to ensure this is done automatically.
Ensure no one has unauthorised access to your computer.
Destroy or delete anything containing login details or security information
Even if we sent it to you.
Never email, write down or tell someone your security information or logon details.
The only time you will ever need to enter your Investec Online Banking user ID, password and secret is when you log on to Investec Online Banking at investec.com.
Do not save login details or passwords on your computer
Disable, refuse or decline any on-screen prompt on your computer which asks if you wish the computer to remember any of your security information or logon details.
Avoid reusing the same security information
You should create and use different passwords for each service provided by us, another member of Investec Group or another service provider.
Don’t leave a computer unattended while logged on to Investec Online Banking
Change your passwords regularly
Avoid familiar names, numbers and places (such as birthdays and phone numbers).
Be aware of ‘shoulder-surfers’.
Shoulder surfing refers to people who use direct observation techniques, such as looking over someone's shoulder to get information. Shoulder surfing is particularly effective in crowded places because it’s relatively easy to watch someone as they fill out a form or enter their PIN or passwords at a cash machine or while using online banking.
Protect your printed or physical information just as you would protect your valuables.
This includes statements from financial institutions, shops and utility bills. Shred or destroy any personal documents you don’t need to keep.
Always log off from Investec Online Banking
It’s important to always end your session by clicking on the Log off menu item before closing the browser. Investec Online Banking does have an automatic timeout feature for security purposes, but we always recommend you end your Investec Online Banking session once you’ve completed your online banking activities.
Protect yourself from fraud
There are numerous scams that fraudsters are using to steal from you or trick you into paying money or sharing personal information.
Identity theft and Social engineering
Social engineering
Social engineering is the act of manipulating people into doing what you want. In terms of online fraud, a fraudster will usually trick people into disclosing their passwords, log-in details or other confidential information.
You can protect yourself by:
- Not disclosing confidential information over the phone unless you're absolutely sure of the caller's identity. If in doubt, ask for the caller's phone number and check it to see that it's genuine.
- Never sending confidential information by email. It can easily be intercepted by a third party, and companies like ours will never ask you to email personal details, account information or passwords.
- Keeping your PIN confidential at all times. Banks, including us, will never ask you to disclose your PIN.
Identity theft
Your identity is a valuable commodity, however over 100,000 people fall victim to identity theft each year.
Identity theft is when a fraudster steals your personal or financial details, which criminals then use to impersonate you, open bank accounts, obtain credit or set up businesses.
Once your details are stolen, you could become a victim of identity fraud.
Be suspicious if you notice any of the following:
- Bills, invoices or receipts addressed to you - for goods or services you haven't ordered
- Letters from solicitors or debt collection agencies regarding debts that aren't yours
- Letters or statements for bank accounts you did not open
- Transactions appearing on your bank statements (normally withdrawals) that you don't recognise
- New accounts showing up on your credit report
- Documents like your passport, driving licence, utility bills or bank statements have gone missing
If you’ve been a victim of identity fraud you should act quickly – don’t ignore the problem. Even though you didn’t order those goods or open that bank account, the bad debts will end up under your name and address.
Contact us immediately if you think you are or may be a victim of fraud on your Investment account, Investec card or Bank account or you suspect that somebody has accessed your on line account.
If you think you’re a victim of this kind of identity fraud, you should report the matter to the relevant organisation. Depending on their advice, you should then alert your local police force. You should report all lost or stolen documents – such as passports, driving licences, plastic cards, cheque books – to the relevant organisation.
You can learn more about identity theft at the UK Police’s Action Fraud website
Advance fee frauds
Advance fee frauds or Nigerian 419 scams
Advance Fee Frauds or Nigerian 419 scam (the name comes from section 419 of the Nigerian criminal code) combine the threat of impersonation fraud with a variation of an advance fee scheme in which a letter or email offers the recipient the “opportunity” to share in a percentage of millions of dollars that the author is trying to transfer illegally out of a developing country. The scheme relies on convincing a willing victim, to send money to the author in several instalments of increasing amounts for a variety of reasons.
Payment of taxes, bribes to government officials, and legal fees are often described in great detail with the promise that all expenses will be reimbursed as soon as the funds are spirited out of the country. In fact, the millions of dollars do not exist, and the victim eventually ends up with nothing but loss.
If you receive a letter or email from anybody asking you to send personal or banking information, do not reply; simply delete the letter or email.
Remember the golden rule: If it sounds too good to be true, it probably is.
Allen and Violet Large
Allen and Violet Large
We are aware of several fraudulent emails circulating, which appear to come from Investec but actually come from organised criminals.
The emails state that you have been selected by a Canadian couple called Allen and Violet Large to receive a significant donation from their lottery winnings.
These emails are nothing to do with Investec and are actually part of an "Advance Fee Fraud", more commonly known as a "Nigerian 419 scam". For more information on Advance fee fraud or Nigerian 419 scams, please see the FBI website.
If you have received one of these emails, do not respond to the fraudsters but simply delete the email.
If you have paid any money, you should report this to your local law enforcement for them to investigate.
Phishing
Phishing
Phishing (pronounced fishing) is a process used by fraudsters in an attempt to acquire your confidential information by sending out emails or other kinds of messages that direct you to bogus websites or phone lines. They believe that if they send out enough emails somebody will respond (or “bite”) and provide personal or financial information.
These emails or messages claim to be from a particular company, so they often look legitimate. But these messages are actually sent by fraudsters, often at random. Any information you disclose on these bogus websites or phone lines is captured by the fraudsters.
You can protect yourself by treating any unsolicited emails or calls that ask for confidential information with suspicion. If in doubt about the validity of a particular message, contact the company that supposedly sent you the message to make sure it’s genuine.
To learn more about phishing, visit the UK banking industry’s website Bank Safe Online.
If you have received a fraudulent or suspicious email, which you have not responded to please forward the e-mail to phishing@investec.co.za
If you have responded to a phishing email please Contact us as soon as possible to help us protect you and your finances.
Please note, we may send you emails from time to time. However, we will never send you an email asking for your security information or logon details, or direct you to a web page that asks for this information. We will also never send you an email with a link to Investec Online Banking.
Other
Computer Malware
Malware is the collective term for any malicious software that might infect a computer, including Trojans, viruses and spyware. The development and spread of malware is becoming increasingly sophisticated and is driven by organised criminals for financial gain.
Trojans
A trojan is a type of malware that is capable of stealing information, recording your passwords and other personal details by capturing your keystrokes or taking screen shots of sites you visit. These details are then sent to the fraudsters to help them steal your money.
Trojans can be installed from infected websites or storage devices connected to the computer and you may not even know that you are infected.
The best way to protect yourself from trojans is to install firewalls and internet security software on your computer and to keep these things up-to-date.
Computer Viruses
Viruses are designed to replicate and multiply, spreading between computers. They can cause severe problems, sending out spam email, slowing down or crashing your computer, corrupting or deleting files, and sending confidential information to fraudsters. Viruses may even redirect your internet browser to spoof websites.
The most effective protection is to keep your computer’s security up-to-date and anti-virus up-to-date.
Spyware
Spyware is designed to invade your privacy, gathering information about your computer and internet activity. Spyware can also be responsible for irritating pop-up adverts, slowing down your computer, and sending confidential information to fraudsters.
Spyware can be installed from infected websites or storage devices connected to the computer and you may not even know that you are infected.
The most effective protection is to keep your computer’s security up-to-date. Many anti-virus packages now come with built-in protection against spyware, so make sure you always have the latest version.
Money mules
Most bank accounts do not allow customers to make online cross-border transfers. Since most online fraudsters tend to be based outside the UK or SA, they need people to help launder the funds they receive from their scams. These people are called money mules and they are often innocent victims themselves.
Money mules receive funds into their accounts that fraudsters have stolen. These funds generally come from other victims whose bank accounts UK have been compromised. The money mules are then encouraged to send the funds to the fraudsters overseas using a wire-transfer service, minus their commission.
Money mules are recruited through a variety of methods, including spam emails, genuine job search websites, email responses to a victim's online CV, instant messaging and newspaper ads.
This scam offers you the chance to earn some easy money for a few hours' work each week, but beware: Handling money that's been obtained fraudulently is a crime, even if you're not knowingly complicit in the crime.
You can protect yourself from becoming involved by:
- Treating any unsolicited job offers with suspicion, especially if the company is based overseas.
- Verifying the details of any company that you’re considering working for.
- Not giving your bank account details to anyone whom you don't know and trust.
Assisting a criminal transfer of monies to another account could make you subject to criminal investigation, which may lead to your prosecution
Remember the golden rule: If it sounds too good to be true, it probably is.
For more about money mules, visit the UK banking industry's website Bank Safe Online
