Never disclose your login details to anyone. Never enter your login details on any site accessed through a link received by SMS or email. This includes your online banking profile details (profile number, PIN and password), your Nedbank ID and password, and your bank card details (bank card number and PIN). 

• Never disclose your login credentials to anyone, including Nedbank Private Wealth employees.
  
  
• Never enter your login details on any site accessed through a link you have received by SMS or email.
  
  
• Always navigate to online banking from nedbankprivatewealth.co.za. Please forward all suspicious emails to phishing@nedbank.co.za so that we can deactivate the phishing sites.

Please note that your card or profile number without the PIN and password may be required if you contact the Nedbank Private Wealth Service Suite for support. However, we will never ask you to provide your PIN, password or CVV number over the phone or by email.

Web addresses, emails and attachments

The general rule is that you should never open an email or attachment or click on a link if you are not sure why you are receiving it or if it seems suspicious. If in doubt, call the Nedbank Private Bank Service Suite before opening anything. 

• Validate a website address (URL) before you click on it. You can do this by hovering your mouse over the hyperlink. If you long-press a hyperlink on your mobile device, it should also reveal the underlying website address.
  
  
• Beware of any attachments that end in .exe, .zip, .cab, .htm or .jar. These files allow malware to be loaded onto your computer without your knowledge when you click on them. Do not open files that prompt you to execute, install or upgrade software.
  
  
• Always have the latest antivirus software and a robust firewall on all your devices. We recommend that you install the online fraud protection software 'Trusteer Rapport', which is available to all Nedbank Private Wealth clients for free.

Be wary of an email or SMS asking you to click on a link or open an attachment

In this type of scam fraudsters send an email or SMS prompting you to click on a link or open an attachment containing a fake bank statement, proof of payment, or a request to update your online banking profile to prevent your accounts from being blocked.

The link typically takes you to a fake web page where you are requested to insert your login details, and the attachment may contain malware that enables the fraudsters to record all your keystrokes. Please don't act on these requests.

Phone calls and SMSes

• Don't trust caller identification software. Fraudsters use number-masking software to make it seem as if you are receiving a call from Nedbank or Nedbank Private Wealth when you are actually not. We will never ask for your login details over the phone.
  
  
• Always read your Approve-it and one-time password (OTP) messages carefully. These messages will indicate that you are about to authorise a payment or enrol for the Nedbank Private Wealth app. If you have not performed either of these functions, reject the transaction or, in the case of an OTP, do not disclose it to anyone. Please report any suspicious messages to us.
  
  
• Look out for SIM swap notifications. Fraudsters do a SIM swap to gain access to your Approve-it messages and OTPs. If you receive an SMS for a SIM swap you did not request, contact your cellphone service provider urgently and contact us to block your accounts.
  
  
• Monitor your cellphone connectivity. If you lose connectivity for no apparent reason while you are transacting, contact your cellphone service provider immediately and contact us to block your accounts.

General tips for more secure banking

• Reduce your instant and beneficiary payment limits. Limit these to the amounts you need to do your day-to-day banking. The higher the limit, the higher your risk exposure.
  
  
• Activate eNotes and card SMS. You will receive real-time SMS notifications of payments made, which will help you to monitor your accounts.
  
  
• Do not access internet banking from any third-party devices, such as those at internet cafés. You have no control over any potential malware on those devices.