Security Centre

Secure Code is a feature that helps us to identify that it is really you making the transactions. It is a unique code that will be sent to your mobile phone via SMS.

How to recognise a phishing scam

Don’t be caught out! Find out what you need to look out for to avoid becoming a victim.

Fraudsters often send out emails claiming to be from Absa (or other reputable organisations) – commonly known as ‘phishing’ - many of which look very authentic as they make use of the Absa logo and corporate colours to convince you that the email is legitimate.

Often, the content of the email makes reference to your account being suspended, and the only way you can stop this suspension is to click on the link supplied and update your personal details. Although this link does not link to the real Absa website, these websites are usually designed to look exactly like the Absa site, and it becomes difficult to differentiate between this site and the real site.

There are some recurring themes that you can look out for when you receive an email, including:

• Terrible grammar
• Strange email addresses/Unknown email addresses
• A request to click on a link in an email

Never reply to a spam email - This only confirms that your email address is active, and will spur the fraudsters on to send you even more spam.

Delayed phishing attacks

In some cases, fraudsters may obtain your access credentials long before any attempt is made to defraud your account. It is very important to change your banking logon information such as your username and password regularly to prevent delayed phishing attacks.

Steps to avoid being a victim of phishing attacks

Although we have a number of security measures in place to protect you, your awareness is the key to avoid being a victim of phishing attacks, so bear the following in mind when you receive an email claiming to be from Absa:

• Never reply to these emails, and don’t click on any links
• Never provide your personal details such as your PIN or account details via email or on any links within these emails. We already have information like your ID number, cell number and email address and will never ask for them via email.
• Never navigate to our site using a link from an email – always type in the address.
• Delete spam emails immediately. Even a request to remove your email address from the mailing list will confirm to the fraudsters that your email account is active, and could open you up to more attacks.
• Never open an email attachment unless you know who sent the message.
• Use the latest browsers, which come with filters that alert you when you visit a website that contains potentially unsafe website.
• Absa will never send you a letter or email asking you to complete your personal details by clicking on a link in an email.

It is vital that you are aware of some measures that you can take to make you more secure online, such as:

• Always keep your personal access information secure, and change your PIN and passwords regularly.
• Never open a link or an attachment within an email claiming to be from Absa as this may link to a fraudulent website or download a virus or key logging software that will compromise your security.
• Be aware that phishing scams have also been received through instant messaging systems such as Google Talk or Skype; as well as through social networking websites such as Facebook. When in doubt of the authenticity of a link or a claim, simply don’t click it.
• Install good quality security software and ensure that you have updated to the latest version of your browser. Most of the newer browsers have the inherent ability of detecting fraudulent websites.
• Don’t bank or shop online when using a public terminal such as those found in internet cafes, hotels, coffee shops or student labs. Key logging software could be present on the computer, and will send all your personal information to the fraudster, who could then use this information to clear out your account.
• Before you bank online, ensure that you are actually within the secure internet banking website. Once you visit www.absa.co.ke and click on the internet banking link, you will be redirected to an available banking server. Once there, check the browser address. It should begin with ‘https://’ (not ‘http://’). Also check the browser for a closed lock and/or key icon – which should either be at the top or the bottom of the screen.
• When leaving your computer, always end the current session by closing your browser window, and never leave your computer unattended during an Internet banking session.