Tymebank Warns Of Fraudsters Using Fake Vat Increase Notifications To Steal Your Data

Fraudsters are taking advantage of the imminent value added tax VAT increase in South Africa to trick consumers into revealing their login credentials, TymeBank has warned.

The VAT increase is expected to become effective on 1 May 2025, although political parties are engaged in budget talks about scrapping it.

Major companies have already started notifying their customers of the hike. However, scammers are also sending fake notifications to unsuspecting consumers, TymeBank said in a statement on Tuesday 15 April.

"It's not just banking customers who are being targeted. Anyone who has an account or subscription where VAT is payable, be that a mobile service provider, a retailer, a healthcare service provider or similar, is at risk," the banks Head of Operational Risk and Fraud George Wandsella said.

The fake notifications, usually sent via emails, SMSs or fake websites, create a false sense of legitimacy and urgency. They urge users to click on links with various calls to action such as "learn more," 'see updated charges/fees," or "verify their accounts."

When users click these links, they end up on phishing or vishing sites that may steal their login credentials. This opportunistic cybercrime also increases during holidays and tax filing seasons.

The fraudsters often impersonate legitimate institutions like banks to trick South Africans into revealing personal or financial details, including passwords, card numbers or one-time passwords OTPs.

"TymeBank has zero tolerance for fraud and is unwavering in our commitment to protect our customers. We urge them to be cautious, and to stop and think before they click,'' Wandsella said.

The bank shared the following tips to stay safe: