When it’s you: Talking about scams, healing the shock, and taking action (A South African guide)

That moment says out loud what many of us feel in private: the shock, the shame, the urge to close the tab and move on. But silence is the scammer's best friend. It delays reporting, makes recovery more complicated, and lets the same playbook hit the next person.

South Africa now ranks fifth in the world for cybercrime density, and the banking data backs that up: in 2023, digital-banking fraud rose 45% by volume and 47% by losses (from R734.7 million to R1.082 billion). Within that, banking-app fraud did most of the damage, about 60% of digital-banking crime after an 89% year-on-year spike. In plain terms: this isn't a once-off flare-up; it's the operating environment South Africans navigate daily.

And the tools have levelled up. Criminals aren't just spoofing emails anymore; they're faking faces and voices. We've seen deepfaked video calls that look and sound like the people you know. One Hong Kong case even pushed staff to authorise a transfer of about £20 million after a fabricated “team meeting”. If “it won't happen to me” was ever a comfort, that era is over.

There's another issue we seldom talk about: the aftershock. People don't only lose money; they lose relationships and themselves. A recent national study in the UK found 18% of fraud and cybercrime victims reported depression, and 3% reported suicidal thoughts afterwards. That's not embarrassment; that's injury. The antidote is daylight: talk early, talk kindly. Early disclosure kick-starts bank disputes, speeds platform takedowns, and — most importantly - puts the blame back where it belongs: on the criminal, not the person who was deceived.

From our vantage point at Offernet, we run Ravenwatch, a cyber-threat intelligence service that monitors the surface web, social platforms and the dark web to protect our customers from brand impersonation, fake ads, deepfakes and data leaks.

What we've spoken about here isn’t a finger-wag. It’s a field guide. Here, we'll touch on the latest 2025 scams, how to support someone who's been hit, and the exact steps to protect yourself. We close with a plain-English Emergency Action Plan you can print, share, and follow when the worst happens. At this stage, it is no longer a case of “if” but rather “when” it will happen to you.

The scale of the problem in South Africa (and why it’s rising)

We’re not seeing a run of bad luck; we’re living in a new baseline. What’s driving it? A perfect storm: near-universal smartphones, instant-payment rails, one-time PINs pushed over SMS and messaging apps, and slick social-engineering that feels authentic — often delivered via professional-looking ads or “official” WhatsApps.

Zoom out, and the global picture matches what we see at home. Interpol’s Africa assessments flag online scams, business email compromise (BEC) and ransomware as top money-makers being used for organised crime. Syndicates don’t care about borders; they test lures in one country and scale them across the region in days. South Africa’s high digital adoption and large financial sector make us a high-value target, so fake ads, look-alike sites and OTP-theft schemes hit our consumers at volume.

Bottom line: if scams feel like they’re everywhere, it’s because they are. The answer isn’t panic — it’s normalising smart responses: verify first, act early, and speak up.

Myth vs fact: A quick reality check

Myth: “Only careless or older people get scammed.”
Fact: Modern scams weaponise psychology (urgency, authority, fear) and now AI (voice/video deepfakes). Anyone can be fooled — even well-resourced firms.

Myth: “If I were scammed, the bank will refund me automatically.”
Fact: Refunds are not guaranteed. You need to report fast, open a SAPS case, and follow your bank’s dispute process. Speed and documentation matter.

Myth: “If it was a ‘sponsored’ or ‘promoted’ ad, it must be safe.”
Fact: Paid ads can be fraudulent. Report the ad and dispute the transaction; don’t assume the platform vetted it.

Tip: Treat urgency + secrecy as a red flag. Verify first, act early, speak up.

How modern scams work (The playbook in 2025)

Most scams still follow the same rhythm: impersonate → pressure → redirect → cash out. The difference now is in the packaging. The message looks like it’s from your bank, a courier, SARS, your boss, or even a family member. It lands by email, SMS/WhatsApp, or a quick call. The tone is urgent: update your details, approve this invoice, or your account will be closed. The aim is simple: to get you to act before you verify.

A lot of victims are targeted via glossy sponsored posts or convincing product ads. You click, and you’re taken to a look-alike site that copies the brand’s official website, but the login or checkout is a trap. Big syndicates run hundreds of these sites at once and rotate them as takedowns happen, so even if yesterday’s link is gone, tomorrow’s ad will pop up again.

Links themselves can be booby-trapped. Criminals bounce you through a chain of “safe-looking” pages — forms, file viewers, link shorteners — so by the time you land on the final page, it looks and feels familiar. If a link looks unusually long, keeps changing as it loads, or asks you to “verify” something you didn’t ask for, stop and confirm on a second channel you already trust.

There’s also a simple visual trick that trips up even careful people: special characters in web addresses. Scammers register domains using characters from other languages that look like familiar symbols. A current favourite is the Japanese “ん”, which on some screens can resemble a forward slash. So a link such as “booking.comん-secure.com” reads like “booking.com/secure” at a glance — but it’s not Booking.com at all. The only part that proves who you’re connected to is the word immediately before “.com” or “.co.za”. In this example, you’d actually be heading to “ん-secure.com”, a completely different domain controlled by the scammer.

Finally, beware of OTP theatre — fake security steps (QR codes, “voice verification”, surprise CAPTCHAs) are designed to hustle you into handing over one-time PINs. No bank, courier or retailer needs you to share an OTP with a staff member. If someone asks, it’s a scam.

Quick habits that cut through the noise: type the address yourself or use a bookmark; on mobile, long-press a link to preview where it really goes; read the word before “.com/.co.za”; when you’re in the Facebook app, open the link in your device’s browser to see the full URL (the in-app browser often hides it); never share OTPs; and for anything urgent, verify first on a separate channel. These aren’t tech tricks — they’re simple routines that put time and control back on your side.

The cost you don’t see: Shame, anxiety, and real mental-health risk

Losing money is only half the story; the other half is shock, shame and fear. Many people feel stupid, guilty, even complicit, so they keep quiet. That silence slows recovery and, cruelly, makes a second hit more likely, because scammers share and resell victim details.

An extensive UK Home Office study (Jan 2025) found 18% of fraud/cybercrime victims reported depression, 3% reported suicidal thoughts, and 1% reported self-harm after the crime. Almost half said their trust in other people took a knock. Crucially, these effects showed up regardless of the amount lost — the wound is about violation, not only rands and cents. The Identity Theft Resource Centre's 2023 report echoes this: 16% of identity-crime victims said they contemplated suicide.

If this is you or someone you love, know this: feeling panicked, anxious, numb or ashamed is a normal reaction to a crime. It is not a character flaw. The simplest, strongest antidote is daylight — talk early, talk kindly. Tell a trusted person what happened. Ask them to sit with you while you call the bank, open a SAPS case, or work through the steps in the Emergency Action Plan. Naming the experience breaks the shame loop, gets the practical wheels turning, and puts responsibility back where it belongs — on the criminal, not on you.

You might also notice ripple effects in the days after: poor sleep, replaying the event, jumpiness with messages or calls, pulling back from friends. These are common trauma responses. Most people feel better once they’ve taken a few concrete actions and had a supportive conversation. If the distress feels heavy or you’re worried about your safety, please reach out for professional help.

If you need immediate emotional support in South Africa:

SADAG Suicide Crisis Helpline: 0800 567 567 / 0800 21 22 23 (24/7)
LifeLine South Africa: 0861 322 322 (24/7)

When it happens to you (or someone you love): How to talk, how to help

Lead with empathy. Shame makes people go quiet; empathy gets them help. Your goal isn’t to interrogate or “fix” things in five minutes;it’s to create a steady space so they can take the next step.

What to say (use these as-is):

"I'm so sorry this happened to you. Thank you for telling me."
"It's not your fault. Scammers are very skilled at tricking good people.”
"You're not alone. This happens to so many South Africans.”
“Let's decide the next step together. Do you want me to sit with you while we call the bank?"

What not to say (even if you're upset):

"How could you fall for that?" / "I'd never do that.”
"Everybody knows that's a scam."
Comments like these make people shut down and delay reporting. Keep the focus on the criminal, not the person who was deceived.

Practical ways to help (without taking over):

Be present while they make the first two calls (bank fraud line and SAPS); offer to dial and take notes. Co-pilot the basics (change the email password, turn on 2FA, block/report the scammer), then walk through the Emergency Action Plan together — one checkbox at a time. If they’re overwhelmed, pick a single five-minute action. Protect their dignity: ask before touching their phone or accounts, and offer choices so they stay in control. Keep checking in over the next few days.

If emotions spike or they shut down:

“Let’s just change your email password together, then we’ll decide the next call.”
Offer to phone a counsellor with them: SADAG 0800 567 567 / 0800 21 22 23 or LifeLine 0861 322 322 (24/7).

If the admin must wait, agree on a time-boxed plan: one small action today, one tomorrow.

Where to get help in South Africa (real contacts, not vague advice)

When something goes wrong, speed and sequence matter.

Start with the two calls that stop the bleeding.

Call your bank’s fraud line to block cards/accounts and request a chargeback (card) or urgent recall/hold (EFT/instant). Then open a SAPS case (Emergencies 10111 • Crime Stop 08600 10111). Keep the case number for banks and ombuds.

Loop in the national incident desk.

Report to the National Cybersecurity Hub (CSIRT) (email cshubcsirt@cybersecurityhub.gov.za). They coordinate guidance and facilitate takedowns.

Protect your identity.

Place Protective Registration with SAFPS (free). Keep pulling your credit reports (TransUnion/Experian/XDS) and dispute anything you don’t recognise.

Money back / accountability — know your levers.

• Cards: chargeback under scheme rules (attach evidence).

• EFT/instant: urgent recall/hold (speed matters).

• Debit orders: reverse unauthorised debits (typically immediate if disputed within ~40 days).

• Financial Intelligence Centre (FIC): where warranted, the FIC may issue a Section 34 intervention — a temporary hold for up to 10 working days — to help stop onward movement of funds. (Banks usually file; you can alert the FIC if you have material information.)

• Escalation: if your bank dispute stalls, go to the Ombudsman for Banking Services (via the National Financial Ombud Scheme). For advisor/investment issues, contact the FSCA/FAIS Ombud. For pensions, the OPFA.

Consumer and advert complaints.
Use the CGSO / NCC for CPA disputes. Report scammy ads to the ARB.

Website takedowns and data privacy.

For SA-hosted content, submit an ISPA Takedown. If your personal data was abused, lodge a complaint with the Information Regulator (POPIA/PAIA).

Mental-health support (use it early).

SADAG 0800 567 567 / 0800 21 22 23 • LifeLine 0861 322 322 (24/7).

Pro tip: keep a logbook — dates, names, reference numbers, promised timeframes. Save screenshots, URLs, ad IDs, phone numbers and bank references in one folder. Good paperwork dramatically improves outcomes with banks, ombuds and, where relevant, the FIC.

Long-term recovery: Rebuild safety, finances, and Trust

The first wave is triage. The next phase is steadiness — rebuilding digital safety, tightening money controls, and giving yourself (and your household) simple rules you can live with.

Stabilise your identity and accounts (first 2–4 weeks)

Keep SAFPS Protective Registration for 6–12 months. Switch on bank alerts for every transaction and lower daily limits for now. Use a password manager; make passwords long and unique; turn on 2FA (preferably an authenticator app). Spring-clean email (remove rogue forwarding rules, sign out all sessions, revoke third-party access). Check if your email appears in a breach and set alerts at https://haveibeenpwned.com. Ask your network to add a SIM-swap/port-out lock.

Watch your credit and documents (months 1–6)

Pull credit reports (TransUnion, Experian, XDS) monthly at first and dispute anything odd. If ID/licence/passport details were exposed, ask the issuing authority about re-issuance or flags — quote your SAPS case number. Use DebiCheck where possible; review statements weekly during this period.

Emotional recovery is art of security

A short call with a counsellor (via SADAG or LifeLine) and a check-in with someone you trust can cut through the shame and help you move. Treat self-care as a security control: better sleep, fewer panic attacks.

Inoculate the household (use simple rules everyone can follow)

Verify money or password requests on a second channel you already trust. No OTPs — ever. Read the real domain (the word before “.com/.co.za”). If something is urgent and secret, pause. Agree on a one-tap “phone a friend” rule: when unsure, don’t click — ask first.

Small, consistent actions beat big, complicated ones. Pick two steps today (alerts + password manager), two next week (credit checks + SIM-swap lock), and keep going. The aim isn’t perfection — it’s making the next scam much harder to land.

How to ask for help (and how to speak about it)

Asking for help is a strength move. It kick-starts the practical steps and cuts the shame loop.

If you were scammed (words you can use):

“I’ve been scammed. I feel ashamed and need help with the next steps.”
“I don’t want to be judged; I just need someone with me while I call the bank.”
“I want to report this so it doesn’t happen to someone else.”

If saying it out loud feels hard, send a message first:

“Hey, I’ve just realised I’ve been scammed. I’m shaken and need a hand to call the bank and SAPS. Can you be with me on the phone while I do it?”

If you’re supporting someone (what to say):

“Thank you for telling me. It’s not your fault. Scammers are experts at this.”
“Let’s go step-by-step: I’ll sit with you while we call the bank and SAPS.”
“We can block and report the scammer together.”

If emotions spike or they shut down, suggest a micro-step:
“Let’s just change your email password together, then we'll decide on the next call.”
Offer to phone SADAG 0800 567 567 / 0800 21 22 23 or LifeLine 0861 322 322 (24/7) with them. If they can’t face the admin now, agree on one five-minute action today and one tomorrow.

Emergency Action Plan

Keep this close. It’s an easy-to-follow list you can save, print, and share with family or colleagues.

click to enlarge

Download: Emergency Action Plan — What to do after being scammed (South African edition)

Silence helps scammers; speaking up protects you and others. Whether it was R500 or your life savings, whether it arrived as a slick ad, a cloned site or a deepfake call — the next moves are the same: be kind to yourself, act quickly, and ask for help. We built Ravenwatch to spot and take down brand impersonation and other online threats because we see, daily, how much harm these scams cause. This guide is our way of sharing that frontline knowledge so you don’t have to learn it the hard way.

If you remember one thing, make it this: start the conversation with a friend, your bank, SAPS, or a counsellor. That first call is the bridge from shock to recovery. And before you close this tab, save the Emergency Action Plan and share it with your family or team. The plan is small; the difference it makes is huge.