Fraud is changing. More often these days, it starts with a person being convinced rather than a system being hacked.
That matters because the biggest risk is often not a technical failure. It is a moment of trust, pressure or urgency that leads someone to make a payment they believe is genuine.
In the last financial year, Capitec has blocked more than 394 000 fraudulent transactions, preventing over R642 million in losses. Additionally, we’ve identified and stopped more than 64 000 mule accounts used to move stolen money quickly through the financial system. These numbers show the scale of the threat, but they also show how fraud is changing. It is no longer only about breaking into systems. More and more, it is about influencing people. And this is happening across many industries.
It could be a discounted phone on Marketplace, a holiday apartment advertised well below the usual rate, an investment opportunity on social media promising high returns or a message that appears to come from your bank warning about suspicious activity and urging you to act immediately. Each of these situations is made to feel believable, and that is what makes them dangerous.
This is the reality of push payment fraud, where people are pressured into paying money into a fraudster’s account. People often authorise these payments themselves, not because they are careless, but because the request, offer or warning seems believable at that moment. Fraudsters use urgency, familiarity and emotion to make people act before doubt has time to set in.
That is why our response is designed to do more than detect fraud in the background. We continue to invest in technology that helps us identify, block and disrupt high-risk activity before losses happen. But in many of these cases, the strongest defence is behavioural. Our role is not only to secure the system. It is also to create deliberate pauses at critical moments, giving clients the chance to stop and importantly to think before making a decision that could lead to an unexpected loss.
We intentionally combine technology with behavioural interruption. Warnings, delays and prompts are not obstacles, they are deliberate interventions designed to break the momentum of a scam. Slowing a transaction by even a few seconds can give a client the chance to question an unexpected message, an unusually good deal or a request that demands immediate action. In a fraud environment built on urgency, that pause can be the difference between a legitimate payment and a loss.
Bank impersonation scams are a clear example. These messages are often polished, convincing and designed to create fear. They may mention suspicious transactions, fraudulent debit orders or account security issues. The goal is not always to steal information directly. Often, it is to influence the person’s next action in a way that benefits the fraudster. We look for opportunities to protect clients in these moments by warning, delaying or blocking transactions where behaviour suggests a scam may be underway.
The same applies to many of the scams criminals are using today. Deposit and marketplace scams, courier and bank impersonation scams via SMS and WhatsApp, and investment scams linked to crypto or deepfake-style platforms all rely on one thing: getting the victim to act before they stop and think.
Malware remains part of the broader fraud landscape, and we continue to strengthen our response to threats on client devices. To date, our advanced malware prevention has protected over 500 clients and prevented around R31 million in losses. While this is meaningful, it also points to a greater truth. While technical threats still matter, many of the biggest fraud risks today are behavioural.
This is why the public conversation about fraud needs to be accurate. When too much focus is placed on technical compromise alone, it can create the impression that the main risk sits in hacked systems or infected devices. In many cases, the real attack is the interaction itself.
For South Africans, the message is simple:
-
Pause before paying a deposit for something you have not verified
-
Be cautious of links sent by SMS or WhatsApp, even when they appear legitimate
-
Walk away from investment opportunities or offers that begin in informal channels or promise returns that seem too good to be true
In most scam situations, slowing down is not hesitation. It is protection. In today’s fraud landscape, the strongest defence is not only technical. It is the combination of technology, insight and one critical moment of pause before trust is exploited.