Important notice:  For up to date information about the pandemic visit www.who.int 
  • Products and Services
    • Cash Management
    • Trade Finance
    • Forex Trading
    • Investor Services
    • Channel Services
    FX Trading
    Forex (FX) Trading with Business Online
    A real-time tool for companies dealing in foreign exchange.
    International Payments
    Transfer electronic funds reliably
    Process your cross-border payments and transfer funds between your Foreign Currency accounts.
    BOL SA App
    Convenient Banking
    Enjoy simple and convenient banking at your fingertips with the Business Online SA Mobile App
    Trade Finance
    Transact easily
    Trade Finance solution provides Documentary Trade and Open account trade finance (OATF) facilities to our Business Online clients.
  • Security Centre
  • Help and Support
  • About us
Global
Sign in

Phishing

Phishing misleads users into sharing sensitive information (i.e. passwords, credit card details or bank account numbers), for malicious purposes, via electronic means or communication.

Perpetrators of phishing attacks lead you to believe you are performing a familiar action and take advantage of that established trust to harvest confidential or authentication level information from you.

Phishing misleads users into sharing sensitive information for malicious purposes
HOW DOES PHISHING OCCUR?

Phishing occurs via almost any electronic communication:

  • Website forgery
  • Email phishing (commonly done via spoofing)
  • Link manipulation
  • SMSs
  • Phone calls (vishing)
  • Instant messaging
 
HOW TO PREVENT PHISHING
  • We will never ask you for personal or private information online, either via a website or an email
  • Do not give sensitive details – such as your operator ID, customer selected PIN (CSP), password, card details, account numbers, ID numbers, OTP cell number, email address or email password – to anyone, not even a bank employee, no matter how legitimate the request seems
  • Never reveal personal or financial information in an email, and do not respond to emails asking for this information. As a rule, Standard Bank will never request sensitive information of you without authentication
  • If you are unsure of whether an email request is legitimate, try to verify it by contacting the organisation directly via a phone call or out of band communication using a trusted contact number. Remember not to use the contact information provided by the suspicious party
  • Be suspicious of unexpected or unsolicited phone calls, emails or even personal visits from individuals asking about employees or requesting other internal information. Always try to verify the identity of the person directly with the organisation they claim to represent
  • Be cautious when following links sent in emails. If you're suspicious, always type in the website address you usually use, rather than clicking on any links provided
  • Pay attention to the URL contained in an email. The URL may seem legitimate at first glance, but if you look closely, malicious website URLs differ slightly and may use a variation in spelling or a different domain (e.g. standardbank.trust.com vs standardbank.com)
  • Forward suspicious emails to [email protected] for the appropriate action to be taken.
  • HOW DOES PHISHING OCCUR?
  • HOW TO PREVENT PHISHING

Phishing occurs via almost any electronic communication:

  • Website forgery
  • Email phishing (commonly done via spoofing)
  • Link manipulation
  • SMSs
  • Phone calls (vishing)
  • Instant messaging
 
  • We will never ask you for personal or private information online, either via a website or an email
  • Do not give sensitive details – such as your operator ID, customer selected PIN (CSP), password, card details, account numbers, ID numbers, OTP cell number, email address or email password – to anyone, not even a bank employee, no matter how legitimate the request seems
  • Never reveal personal or financial information in an email, and do not respond to emails asking for this information. As a rule, Standard Bank will never request sensitive information of you without authentication
  • If you are unsure of whether an email request is legitimate, try to verify it by contacting the organisation directly via a phone call or out of band communication using a trusted contact number. Remember not to use the contact information provided by the suspicious party
  • Be suspicious of unexpected or unsolicited phone calls, emails or even personal visits from individuals asking about employees or requesting other internal information. Always try to verify the identity of the person directly with the organisation they claim to represent
  • Be cautious when following links sent in emails. If you're suspicious, always type in the website address you usually use, rather than clicking on any links provided
  • Pay attention to the URL contained in an email. The URL may seem legitimate at first glance, but if you look closely, malicious website URLs differ slightly and may use a variation in spelling or a different domain (e.g. standardbank.trust.com vs standardbank.com)
  • Forward suspicious emails to [email protected] for the appropriate action to be taken.