Recipients of the South African Social Security Agency (SASSA) grants are urged to exercise serious diligence when transacting online and to verify payments through official SASSA channels.
This caution comes in the wake of an investigation that uncovered significant security flaws in SASSA’s Social Relief of Distress (SRD) grant system, making it vulnerable to fraud.
NOW read: All 8 Grant Payment Dates for March 2025
Fraudulent Websites Exploit System Vulnerabilities
The investigation revealed that fraudulent websites mimicking SASSA’s official platform are stealing personal data from applicants. Victims have already suffered from identity theft and financial fraud. These alarming findings were presented to Parliament’s social development portfolio committee on Wednesday, February 26, 2025.
Stanley Matshote, who presented the findings to Parliament, explained that security flaws were identified in SASSA’s system. The system was classified as a “medium” threat level. “While the system is not highly vulnerable, it is still susceptible to attacks that could compromise security if left unaddressed,” Matshote said.
Key Security Concerns Identified
Key concerns highlighted in the investigation include weak authentication mechanisms, which make it easier for hackers to gain access; unprotected backup files, increasing the risk of data leaks; missing security headers, exposing user information to potential breaches; and server misconfigurations, allowing unauthorised access to sensitive internal data.
“The loss of confidentiality, integrity, or availability of these information assets could reasonably be expected to result in serious harm to individuals or the Institute,” Matshote warned. He noted that numerous fraudulent SRD applications have been made by exploiting weaknesses in the system, with a large number succeeding, thereby defrauding the government. “This is the very essence of a high level of risk,” he added.
Recommendations to Strengthen System Security
To mitigate these risks, Matshote recommended that SASSA implement multi-factor authentication, stricter controls on grant applications, and regular security audits. He also pointed out that the malicious sites operating without SASSA’s approval may be violating data protection laws such as the Protection of Personal Information Act (POPIA) in South Africa.
Matshote highlighted that these fake platforms harvest personal data from unsuspecting applicants, with some already falling victim to stolen identities.
The fraudulent sites, https://srd-sassa.org.za/ and https://srdsassagov.co.za/, are not affiliated with SASSA but claim to provide accurate information about social grants. These sites collect personal data from applicants, Matshote told MPs.
The official SASSA websites are https://www.sassa.gov.za and for Social Relief of Distress, https://srd.sassa.gov.za/.
“It is recommended that SASSA considers issuing an immediate public advisory warning beneficiaries about the unofficial (fake) sites. Authorities should also work with domain registrars and cybersecurity teams to shut down these unofficial (fraudulent) websites,” Matshote said.
He further recommended that SASSA link each applicant’s ID to a unique phone number to prevent multiple registrations, expand biometric verification to detect fraud more effectively, and conduct regular testing to strengthen the system against SASSA cyber threats.
SASSA’s Response to the Findings
Acting SASSA CEO Themba Matlou acknowledged the vulnerabilities in their system but emphasised that steps were being taken to address them.
“We’ve put in place risk mitigation processes,” Matlou said, adding that security updates were being implemented. “The system is secure. We’ve reconfigured the server after receiving the report, but obviously, there’s still work to be done,” Matlou told MPs.
The investigation was prompted by findings from two Stellenbosch students, who discovered vulnerabilities in the SASSA payment system.
They found that large numbers of fraudulent SRD applications were being made using ID numbers of individuals who had recently turned 18.
Their research led Social Development Minister Nokuzola Tolashe to launch an inquiry, which was conducted by Masegare & Associates Incorporated.
March Payments to Proceed with Enhanced Oversight
Tolashe promised stricter oversight and accountability with the upcoming March payments.
Despite the identified flaws, SASSA has confirmed that Children’s Grants will be paid from Thursday, March 6, 2025. Recipients are reminded that there is no need to rush to withdraw cash on the first day, as the funds will remain in their accounts until needed.
SASSA continues to urge beneficiaries to stay vigilant and only use official channels for grant-related transactions. The agency is committed to improving the security of its systems to protect the personal information and financial well-being of all grant recipients.
Child Support Grant Increase: What Beneficiaries Need to Know
The Child Support Grant is set to increase from R530 to R580 per child per month starting in April 2025. This adjustment is expected to be officially announced during the upcoming Budget Speech on March 12, 2025. The grant plays a pivotal role in supporting low-income households by providing essential financial assistance to help cover the basic needs of children.
Why is the Increase Necessary?
South Africa has experienced a steady rise in inflation, leading to increased living costs. Necessities such as food, clothing, and educational supplies have become more expensive, placing a significant financial strain on low-income families. The Child Support Grant serves as a critical buffer against these rising costs, helping to alleviate some of the financial pressure faced by vulnerable households.
This increase underscores SASSA’s commitment to supporting families in need, ensuring that children have access to the essentials required for their well-being and development. Beneficiaries are encouraged to stay informed through official SASSA channels – including Facebook (SASSA News) – and to continue using the grant responsibly to meet their children’s needs.
