Knowledgebase
Suspicious emails (phishing scams)
Posted by zz Werner vR on 21 Sep 2015 11:27

Phishing scams happen when a fraudster contacts you, claiming to be a representative of PayFast or you receive fake "automated" system messages which appear as if they were sent by our system.  The goal is to trick you into believing that a payment has been made to your account and getting you to deliver items you might be selling or to retrieve sensitive financial information from you.


How can I tell if a message came from PayFast or not?

Always be vigilant!

Review the sender's email address

PayFast emails will only come from addresses ending with “payfast.co.za”.

Legitimate email

Note that what a lot of scammers do is to use the name “PayFast” (or variations thereof) but upon inspection you can see that the email address comes from someone else:

Phishing scam

Unfortunately even these "from" addresses can be spoofed by fraudsters, so it is good to know what else we do and don’t ask for.

When does PayFast send messages?

We send automated messages when you make a payment (successful payment sent emails), sign up for our services (welcome emails), when we communicate with you (via our newsletter or system updates, for example) and you can activate/deactivate automatic email notifications (to be sent when you receive payments).

Note: always check your PayFast account for payments received. The same way one should check a bank statement for payments received after receiving an email/SMS stating a payment has been made, you should always log into your PayFast account to confirm that you received your payments.

Tracking and financial information?

We only process payments and will never ask for (or provide) any shipping confirmation messages, waybill or tracking numbers. Scammers want you to immediately part with your goods and usually ask for a tracking number before payments reflect in your account.

We never ask for (or share) sensitive financial information such as credit card numbers or banking details via email.

Spelling and grammar

Phishing emails are often riddled with poor grammar and typos. We do our best to make our correspondence error free ;-)

Sense of urgency

Phishing emails often contain a false sense of urgency or problem –"your account will be disabled if you don’t act right away" etc.—and a scenario that is often too good to be true, like a receiving a higher payment for the items you are selling.

OLX / Gumtree scams

If you’re trying to sell something on an online marketplace such as OLX and Gumtree and someone asked you to open a PayFast account, chances are near-certain that you are dealing with a fraudster. As per their site guidelines, only deal with people who you can physically meet up with and only do so in a safe place.


I think I’m a victim of a phishing scam, what do I do?

It’s important not to open any links, provide any sensitive information or send off goods if you think you’re dealing with a scammer.

If you've already sent off items for delivery and noticed that there is no payment in your PayFast account, get in touch with the courier company and report the matter (they could potentially stop the delivery).

Report it to PayFast

If you’ve reviewed an email (claiming to be from PayFast) and you’re suspicious about its authenticity, you should immediately notify our Support staff. You can send us the entire correspondence with the fraudsters and our team will investigate and report the matter.

Important: Be sure to include the header of the email, which contains the most important information. Follow the steps below and send us all of the information displayed.
Gmail: Open the email, select the arrow (next to the reply icon) and click on show original.
Hotmail/Outlook: Right click the email and select show message source.
Yahoo!: Right click the email and select view full header.
Outlook desktop: Open the email, select file, properties and then details.
Mac Mail: Open the email, select view, message and then raw source.

Report it to your mail provider

A lot of times, the scammers will use similar information (same fake names, same email content, same email addresses, same fake URLs) to try and hook as many people as possible. Most email clients (like Gmail, Yahoo, Hotmail etc.) allow you to report phishing. If something has been reported as phishing, it helps avoid those fake emails arriving in someone else's inbox.

Gmail: Open the email, select the arrow (next to the reply icon) and click on report phishing
Hotmail/Outlook: Select the checkbox next to the email, choose the arrow next to junk and click on phishing scam.
Yahoo!: Select the checkbox next to the email, click on the arrow next to spam and click on report a phishing scam.

Report it to the authorities

It might be difficult to report the matter to the authorities (different priorities, lack of training in cyber crimes, no actual identity of the fraudster etc.), but the ISPA recently published a good PDF document outlining steps on how to lodge a cyber crime complaint with the police.


Help Desk Software by Kayako