We see a number of counterfeit (phishing) emails being sent to our customers from time to time, claiming to be from Sage South Africa Pty Ltd. We want you to be aware that these emails are not generated by or on behalf of Sage and we believe they are being sent in an attempt to commit fraudulent activities.
What is a phishing email?
A phishing email is usually defined as being "an attempt to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity, in electronic communication".
In other words, phishing is the modern version of the age-old problem of fraudsters trying to scam unsuspecting people. Those carrying out the attempted scam will send malicious fake emails in an attempt to get you to reveal your sensitive information, usually with the main purpose of stealing your money.
How to spot a phishing email
Fraudsters will often use our emotions in an attempt to get us to respond to the message and reveal the information they want to gain.
Common themes that are used in scams can include:
- You winning a prize or some other unexpected financial gain.
- Scare tactics such as an overdue invoice and the threat of turning off certain services.
- Requests to donate to a charitable organisation, often following a humanitarian crisis such as an earthquake.
- Unusual email attachments and asking for personal information.
We recommend that you always take a moment to think about whether you are expecting this type of request.
Dealing with phishing emails
It is important for you to become familiar with identifying possible phishing emails, how to report them and what to do if you think you have been a victim.
Additional checks to carry out
If you are unsure whether you have received a phishing email, there are some additional checks that you could carry out.
- Check that the website associated with the link matches the text in the email.
- Check that the sender's name matches the email address. If it does not, you should be suspicious of the email.
Note: To check the link in the email, roll your mouse pointer over it and see if what pops up matches the text in the email. If they do not match, do not click the link.
What do you do if you think you have been a victim of a fraudster
If you suspect that you have responded to a phishing scam with personal or financial information, take these steps to minimise any damage:
- Change the information you may have revealed. For example, change any passwords or PINs on the account or service that you think might have been compromised.
- Contact your bank or the service provider directly.
- Review your bank and credit card statements routinely, for unexplained charges or enquiries that you did not initiate.
- Contact the authorities. Cybercrime.org.za is South Africa's national fraud and internet crime reporting centre.
Note: Do not follow the link in the fraudulent email message.
Report a phishing email to Sage
To safely report the email you suspect is counterfeit, without opening any attachments or replying to the email, please do the following:
Note: Sending the counterfeit email as an attachment is the best way to preserve information which will make it easier for us to trace its origins.
Receiving counterfeit emails from a sage.com email address
Counterfeit emails sometimes look like they had been sent from a sage.com email address. Fraudsters use an email system that does not check the sender’s authenticity against the sender's address. The result is a false or counterfeit email.