Standard Bank has issued a critical alert to customers about the escalating threat of Card-Not-Present (CNP) fraud, driven by the surge in digital transactions.
The bank highlighted how the convenience of modern services—including delivery apps, e-hailing, video-on-demand platforms, and online shopping—has created fertile ground for cybercriminals exploiting vulnerabilities in e-commerce systems.
Understanding CNP fraud
CNP fraud occurs when criminals use stolen card details (card numbers, expiry dates, and CVVs) to make online purchases or subscriptions without physical access to the card.
Fraudsters often target platforms that store sensitive data for user convenience, such as food delivery services, social media, and e-hailing apps. Malicious pop-up ads, fake websites, and cloned platforms are common tools used to trick victims into surrendering their information.
“As digital transactions grow, banks are detecting more opportunistic attempts by cybercriminals to exploit online platforms,” said Athaly Khan, Head of Fraud Risk Management at Standard Bank.
Advocate Khan emphasised the sophisticated nature of these scams, noting that fraudsters increasingly exploit digital marketing algorithms and search engine optimization to target users.
How fraudsters operate
Cybercriminals leverage stolen card details to fund fraudulent ad campaigns, including those promoting Ponzi schemes, fake investments, and too-good-to-be-true offers. “Many of the false ads, in particular promoting scams, Ponzi schemes, and fake investments, are funded using stolen card details,” Khan explained.
Fraudsters also manipulate Google’s search algorithms to serve malicious ads based on users’ search histories. “After certain searches, you may receive unsolicited offers, urging you to click on malicious links or request a callback,” Khan warned. These tactics often lead victims to counterfeit websites designed to mimic legitimate services.
ALSO READ: SASSA R700 Grant 2025: It’s a Scam, Don’t Fall for It
Protecting yourself against CNP fraud
Standard Bank urged customers to adopt proactive measures:
- Download apps only from official stores (Google Play, Apple App Store) and update them regularly.
- Avoid saving card details on apps; use secure payment gateways like PayPal or Apple Pay.
- Verify website URLs (look for “https” and a padlock icon) and avoid clicking suspicious links.
- Enable two-factor authentication (2FA) and use reputable ad-blocking tools.
- Never share sensitive details via phone calls or social media, and keep antivirus software updated.
The bank also advised customers to use its Banking App’s card settings to enable/disable transaction types and remain vigilant against offers that seem “too good to be true.”
New WhatsApp scam alert
In a separate warning, Standard Bank flagged a fraudulent WhatsApp group circulating on social media.
The group falsely claims ties to Standard Bank, SBG Securities, and its online share trading platform, even referencing the bank’s Financial Sector Conduct Authority license and Group Chief Risk Officer David Hodnett.
“The information is fraudulent,” the bank stated, urging customers to avoid engaging with the group and report suspicious activity.
A call for vigilance
With AI technology enabling more sophisticated fraud, Standard Bank stressed the importance of skepticism. “If something seems too good to be true, it generally is,” Khan reiterated. Customers are reminded to never share card details or let their cards out of sight during transactions.
As digital reliance grows, Standard Bank’s warnings underscore the critical need for consumers to balance convenience with caution in an increasingly targeted cybercrime landscape.
For tips and real-time fraud alerts, visit Standard Bank’s official online channel here and report suspicious activity immediately.