Phishing scams have been around practically since the inception of the Internet, and they seem to be here to stay.

Nobody wants to fall prey to a phishing scam. But as long as cybercriminals continue to swindle people out of hundreds of thousands of Rands, they will not go away.

We recently had a typical example of a phishing scam as experienced by one of our members. This one had a twist in the tail, though.

Our member purchased a vehicle for R245 000 from a country dealership. The dealership issued an invoice and a company letterhead confirming their banking details. Minutes later our member received a request on a letterhead from the dealer to change the account number. The reason given was that the first number was their old trading account number. Very politely, they also apologised for the inconvenience.

Our member made the payment and sent proof of payment to the dealer. When our member later phoned, the dealership had not received proof of payment. The dealership representative did mention that he had lost all his emails but that they were working on it. He then requested that our member forward proof of payment again.

After a second failed attempt our member used a Gmail account belonging to the dealership representative. The representative then noticed that the payment was made to an unknown account and that the second letterhead was fraudulent.

Our member immediately instructed his bank to freeze the account into which the payment was made, and this is where the plot thickens.

The account belonged to a private individual that advertised a frontend loader for R245 000. The “buyer” told him that the money would be paid in by our member – thus putting the seller at ease as the funds would be coming from a registered entity. Once the money showed in the seller’s bank account he delivered the frontend loader.

How was this done?
The dealership’s email account was hacked by the scammers. They then monitored the account until a transaction was about to happen. Once the dealer forwarded the invoice and banking details they intercepted the documents and created the second letterhead with the new banking details which they then forwarded to our member.

Tips to prevent Phishing

• Keep informed about phishing techniques
• Think before you click!
• Install an anti-phishing toolbar
• Verify a site’s security
• Check your online accounts regularly
• Keep your browser up to date
• Use firewalls
• Be wary of pop-ups
• Never give out personal information
• Use antivirus software
• If any information or structure of a transaction changes, pick up the phone and verify.
• When dealing with an entity for the first time, request their bank to confirm the banking details to you directly.

In this case we were fortunate to help our member from losing R245 000, but it is not always the case. Please be vigilant and inform your staff on phishing.

May 2018 Sales in a nutshell

The best used car sellers (only IDA dealers on the Signio platform)
VOLKSWAGEN
FORD
TOYOTA
BMW
HYUNDAI

The top three used commercial vehicle sales per manufacturer (bakkies)
RANGER 2.2TDCi XL P/U D/C
NP200 1.6 A/C P/U S/C
UTILITY 1.4 A/C P/U S/C

Top 10 derivatives used car sales
POLO GP 1.2 TSI TRENDLINE (66KW)
POLO 1.4 COMFORTLINE 5DR
POLO VIVO GP 1.4 CONCEPTLINE 5DR
FIGO 1.4 AMBIENTE
POLO VIVO GP 1.4 TRENDLINE 5DR
POLO GP 1.2 TSI COMFORTLINE (66KW)
FIESTA 1.4 AMBIENTE 5 Dr
COROLLA QUEST 1.6
ETIOS 1.5 Xs/SPRINT 5Dr
FORTUNER 3.0D-4D R/B

The average age of used vehicles sold in May 2018 was 4.13 years.