Think before you pay: How fraudsters exploit your online transactions
Delivery apps, e-hailing, video on demand and online shopping have become a staple of the current digital age. Consumers rely on online platforms with targeted online ads when shopping online. With this convenience comes a rising threat which is Card-Not-Present (CNP) fraud.
“As digital transactions grow, banks are detecting more opportunistic attempts by cybercriminals to exploit online platforms,” says Adv. Athaly Khan, Head of Fraud Risk Management at Standard Bank.
Before sharing tips on how consumers can protect themselves, Khan clarifies what constitutes CNP fraud.
Fraudsters don’t need your physical card
CNP fraud occurs when stolen card details are used for online purchases and subscriptions with no physical card required. Fraudsters exploit vulnerabilities in e-commerce systems to steal card numbers, expiry dates, and card verification value (CVVs).
This fraud is increasingly common on platforms with malicious pop-up ads. Food delivery, e-hailing services and social media platforms where advertisements are placed are prime targets as they store sensitive data for seamless transactions. Some victims unknowingly enter details on fake or cloned websites, handing over their information to fraudsters.
“Many of false ads in particular promoting scams, Ponzi schemes, and fake investments – are funded using stolen card details,” says Khan. Digital and social media platforms that allow users to pay for Ad campaigns virtually are particularly vulnerable and enable fraudsters use stolen card details.
Additionally, fraudsters have realized that the google search engine uses algorithms to provide consumers with the most relevant results. They are exploiting algorithms to target consumers with misleading ads based on their search history. “After certain searches, you may receive unsolicited offers, urging you to click on malicious links or request a call back,” Khan warns.
How to Protect Yourself
- Only download Apps from official stores like Google Play or the Apple App Store.
- Regularly update Apps to ensure you have the latest security features.
- Avoid saving your card details in Apps unless necessary and use secure payment options like PayPal or Apple Pay when possible.
- Double-check the URL of any page you're directed to. Ensure it matches the official domain (look for "https" and a padlock icon).
- Be cautious of suspicious ads offering products or services that seem too good to be true.
- Enable two-factor authentication (2FA) on your accounts to add an extra layer of security.
- Use a reputable ad-blocking tool to reduce exposure to unwanted pop-ups.
- Never click on pop-up ads or links from unfamiliar sources. Always type the website’s URL directly into your browser instead.
- Keep your antivirus software up to date to help detect malicious links.
As online fraud becomes sophisticated with the emergence of AI technology, Standard Bank urges consumers to stay vigilant and protect their banking information. Never let your card out of sight or share sensitive details on any platform, including phone calls. Standard Bank encourages its customers to use the card settings feature on the Banking App to enable or disable transaction types as needed. If its too good to be true, it generally is.