Tax return scam warning in South Africa

Standard Bank’s Fraud Risk Management division has warned of fraudsters claiming to investigate customers’ tax return submissions, only to scam them out of money.

The scammers claim to have discovered discrepancies that warrant criminal prosecution and provide fabricated documentation to support their allegations.

The South African Revenue Service (SARS) recently announced that the 2025 tax filing season will run from 7 July to 20 October.

“Intimidation and manipulation tactics may be used to instil fear and panic so that you can follow their instructions,” says Standard Bank’s head of Fraud Risk Management, Athaly Khan.

Once the fraudsters are satisfied that the customer is convinced, they usually ask for money to make the case disappear.

Alternatively, they supply a fraudulent account number to transfer “funds potentially due to SARS” to secure them while the fraudsters carry out their bogus investigation.

“In most of these cases, they claim to be in collaboration with the bank, law enforcement, or regulatory bodies,” Standard Bank says.

According to Khan, fraudsters typically deploy bait communication via text, email, WhatsApp, or telephone call.

“The communication may indicate that you have a tax rebate, tax penalty, or that you are being investigated for contravening tax laws,” he adds.

The bank also warned South Africans of other banking fraud tactics, including scammers claiming false changes to banking details, and highlighted common tactics like phishing, smishing, and QR code fraud.

Through these methods, malicious actors aim to acquire victims’ banking credentials, misappropriate their funds, or even manipulate them to transfer funds to fraudulent accounts.

Regarding change of banking details scams, fraudsters send fake communications with banking details, claiming that the victim owes funds to SARS.

“Some customers may, in fact, have funds due to SARS, making the communication seem legitimate,” says Standard Bank.

“The account details provided belong to fraudsters, not SARS. They may offer a settlement discount to pressure you into paying quickly without checking.”

Caution with links, icons, attachments, and QR codes

Standard Bank warned South Africans to beware of any communications that include a link, icon, attachment, or QR code, which could be laced with malware.

This is typically achieved through social engineering mechanisms like phishing, smishing, and “quishing”, or QR code phishing.

“The malicious software is designed to gain unauthorised access to the customer’s device, including their digital banking profile,” warns Standard Bank.

“In other scenarios, customers may be prompted to capture their card information to make payments to SARS, thus compromising their card details.”

The bank listed several measures South Africans should take to protect themselves from these kinds of scams:

• Always stop to think and seek advice from trusted people before making a payment to an unknown person or company.
• Remember that banks and industry bodies can secure funds directly from your account if necessary. They do not need the customer to make any transfers to do so.
• Always validate banking details before making payments.
• Always be suspicious of links, icons, attachments, and QR codes included in electronic communications.
• Banking employees will never ask you to click on a link or scan a QR code to access banking services, be authenticated, redeem rewards points, make payments, order a card, or update your details.

“Nothing is ever what it seems, SARS spoofing will be on the rise, and we need all our customers to have their guards up,” said Khan.