Digital fraud in South Africa keeps evolving, not only because more of our lives happen online, but because criminals have become better at exploiting people and data. Below is a practical breakdown of the latest stats and insights, with clear takeaways for everyday consumers.
1) Suspected digital fraud is down — but “where” fraud happens is shifting
The TransUnion’s H2 2025 report on top fraud trends shows a meaningful improvement for South Africa in suspected digital fraud rates (based on transactions observed among TransUnion fraud-solution customers). In the report’s Africa section, South Africa’s suspected digital fraud rate is shown falling from 4.3% in H1 2022 to 2.1% in H1 2025 - one of the strongest improvements across the region.
However, the same report highlights an important nuance: fraud pressure doesn’t disappear, it often moves to the weakest point in the customer journey. In South Africa, TransUnion’s Africa lifecycle view shows account login carrying the highest suspected digital fraud rate among the stages measured in H1 2025, at 2.6%, compared with 2.2% for account creation and 0.6% for financial transactions.
What that means in plain language: while onboarding fraud risk exists, attempted account takeover patterns (fraudsters trying to access accounts at login) can be a major pressure point - especially when criminals have stolen passwords, intercepted OTPs, or tricked people into approving access.
2) Digital banking fraud incidents and losses jumped sharply during 2024
While “suspected digital fraud” is one lens, South Africans also need to pay attention to what’s being reported and investigated in the banking environment. SABRIC’s Annual Crime Statistics 2024 report states that digital banking fraud incidents rose 86% in 2024 vs 2023, and associated losses rose 74%. It reports 97 975 incidents in 2024 and gross fraud losses of about R1.888 billion (up from R1.082 billion in 2023).
SABRIC also notes that banking apps were the dominant channel in 2024, accounting for 65.3% of reported incidents, and that recorded incidents involved criminals exploiting human error through social engineering, rather than technical breaches of app security. This is a critical insight for consumers: many ‘fraud incidents’ are not movie-style hacks. They’re tricks - messages, calls, fake sites, and convincing impersonation designed to get you to hand over details, approve a transaction, or reveal a one-time pin.
3) Card-not-present and online payment fraud remains a major risk area
SABRIC’s 2024 media statement adds another layer: card-not-present (CNP) transactions (online card payments where the physical card isn’t used) made up 85.6% of gross fraud losses on South African-issued credit cards.
For everyday shoppers, this is why it matters to:
-
Double-check URLs,
-
Avoid “too good to be true” offers,
-
Monitor transactions frequently (because online fraud can move quickly).
4) Why scams keep winning: urgency, impersonation, and ‘trusted’ channels
Fraudsters increasingly rely on tactics that trigger urgency and emotion (fear, greed, panic, excitement). This lines up with what RCS warns about in its consumer-facing fraud education — such as scammers pushing urgency and demanding an upfront fee to “secure” a loan (a common red flag).
South African regulators and trusted industry bodies also frequently warn about impersonation-style fraud, where criminals pretend to be a legitimate organisation or financial provider.
RCS Specific Example
The RCS team itself has received several reports from customers regarding fraudulent SMS’ which are based on actual RCS communications, making them appear highly convincing, but the valid contact numbers are switched out. Please note that the real number in this situation is 0861 729 727. In the example below when customers call the substituted fake number, the scammers let them know that a reversal can be done and that they need to share the OTP that will be sent to them. This is when the fraudulent purchase then occurs.
Why do they give the option to reply “no”? Financial scammers are aware that if you see a message about a large transaction you didn’t engage in, you will likely feel a sense of panic and reply to their text quickly, likely without confirming via your banking app first. Since they mass message thousands of numbers at a time, your response tells them that your number is active, and it is then placed on a valuable short-list for further action or sold on.
The practical takeaway: even if a message looks ‘official’ (branding, logos, professional writing), the safest habit is to verify independently - don’t click, don’t rush, and don’t share codes. To close, here are several specific RCS fraud warnings worth repeating because they directly address the most common scam patterns seen in South Africa:
-
Never disclose your PIN, confidential details, or OTP to anyone over the phone, SMS, email or chat - even if they claim to be from a trusted institution.
-
Be cautious of deals that are clearly too good to be true and verify websites (always best to find the correct website address via various official channels and go there directly, not just via a random link sent to you).
-
Watch for classic credit-scam red flags like pressure/urgency, requests for upfront fees, and offers that bypass proper affordability or background checks.
-
Report these immediately: if your card is lost or stolen, if you get a transaction SMS you didn’t make, or if you receive an OTP without transacting.
If you suspect fraud involving an RCS account, contact our investigations team via investigations@rcsgroup.co.za or call 0861 775 522.
