It’s phishing time in South Africa

Nedbank regulars

Phishing campaigns using the identity of one of the largest banks in South Africa, Nedbank, require users to follow a link supposedly directing them to the financial institution site and to verify their account details.

Credulous users, though, find themselves redirected towards a fake Web site which uses several PHP scripts to steal sensitive data.




To avoid falling victim to phishing campaigns, keep in mind these five tips:

  • Always activate your antiphishing or phishing filter, as well as any other security applications or suites before browsing to your e-banking account.
  • Ensure that your e-banking Web site uses SSL encryption (Secure Socket Layer) and security authentication methods – look for the “https” prefix and the locked padlock.
  • Avoid using a non-secured computer. And if you really have to use one, make sure you run the Bitdefender advanced scanning on-line free tool, Quick Scan, before going on.
  • Do not check your e-banking account from public computers (such as those in a library or Internet Café).
  • If you use a wireless connection, make sure your connection is secured and encrypted and that you know and trust the owner of the access point.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

About the author

Sabina DATCU

Sabina Datcu, PhD has background training in Applied Informatics and Statistics, Biology and Foreign Languages and Literatures. In 2003 she obtained a master degree in Systems Ecology and in 2009 a PhD degree in Applied Informatics and Statistics.
Since 2001, she was involved in University of Bucharest's FP 5 and FP6 European projects, as researcher in Information and Knowledge Management field.

In 2009, she joined the E-Threat Analysis and Communication Team at BitDefender as technology writer and researcher, and started to write a wide range of IT&C security-related content, from malware, spam and phishing alerts to technical whitepapers and press releases.