South Africans are urged to be cautious as scams on WhatsApp become increasingly sophisticated and convincing. Picture Credit: Avast
By Aisha Zardad
South Africa – South Africans are being urged to exercise caution as WhatsApp scams continue to grow in sophistication, targeting both personal and financial information. Cybersecurity experts warn that these scams exploit unsuspecting users through phishing messages, fake verification requests, and impersonation of official organisations, including banks and government agencies.
Michael Lazenby, a cybersecurity analyst, said: “The threat landscape is evolving rapidly. Fraudsters are leveraging trust in platforms like WhatsApp to trick users into sharing sensitive information, often with the aim of stealing money or identities.” The scams often involve messages claiming to be from banks, government agencies, or popular e-commerce platforms, asking users to verify accounts, provide OTP codes, or click on malicious links.
One common tactic involves impersonating the South African Revenue Service (SARS) or pension fund administrators, targeting elderly users and those unfamiliar with digital security protocols. Lazenby emphasised that these scams are not limited to a single demographic: “Young professionals and tech-savvy individuals are also falling victim because the messages are increasingly convincing and personalised.”
Yvette du Toit, from the digital security firm Ziyasiza, highlighted the psychological aspect of these attacks. “Scammers rely on urgency and fear to manipulate users. A message claiming your account will be frozen or that you need to claim a payment immediately can lead to hasty decisions that compromise security.” She added that multi-step scams often begin with seemingly harmless messages, gradually requesting more sensitive information as trust is established.
Recent reports indicate a spike in WhatsApp fraud cases in South Africa over the past year, with victims losing thousands of rands. In one example, pensioners were targeted by messages claiming government support funds, instructing them to provide personal banking details. Authorities confirmed that these messages are fraudulent and that no official government agency requests sensitive information via WhatsApp.
The National Cybersecurity Centre (NCSC) advises users to remain vigilant by verifying the sender’s identity before responding to any message, avoiding clicking on unsolicited links, and enabling two-factor authentication on accounts. Users are also encouraged to report suspected scams to their banks and to the South African Police Service (SAPS) to assist in tracking criminal networks.
Experts stress that prevention and awareness remain the best defence. Du Toit explained: “Education is key. Users need to understand how to recognise red flags: unexpected requests for OTPs, messages from unknown contacts claiming urgency, or inconsistencies in language and grammar can all indicate a scam.” Regularly updating apps and devices, and using official sources for downloads, also reduces exposure to malicious activity.
WhatsApp itself has implemented security features, including end-to-end encryption and account verification protocols, but experts warn that no technology alone can protect users if social engineering tactics are successful. Lazenby advised: “The human element is often the weakest link. Always think before you click, especially when the message seems urgent or too good to be true.”
As digital communications become increasingly central to daily life in South Africa, authorities, cybersecurity experts, and the public must work together to reduce the impact of these scams. Vigilance, verification, and education are essential to protect users and their personal information from fraudulent activity on messaging platforms.
