The South African Banking Risk Information Centre (SABRIC) has released its annual crime statistics report, revealing a dramatic spike in cybercrime activity that is costing South Africans billions of rands each year. Banking fraud losses in 2025 climbed to R3.9 billion — a 23% increase from the previous year — with digital channels now the primary battleground for financial criminals.
Phishing attacks, in which criminals impersonate legitimate financial institutions or service providers to steal login credentials and personal information, remain the single largest contributor to digital banking losses. SABRIC noted a sharp increase in the sophistication of phishing campaigns, with attackers increasingly using AI-generated communications that are nearly indistinguishable from authentic bank correspondence.
SIM-swap fraud — a scheme in which criminals convince mobile network operators to transfer a victim’s phone number to a new SIM card under their control, allowing them to intercept one-time PIN messages — has surged despite major banks strengthening authentication protocols. The scheme has proven particularly damaging for elderly bank customers who may not immediately recognise the signs of a network takeover.
Online marketplace fraud and social media scams have also proliferated, with victims losing money through fake rental advertisements, investment schemes promoting unrealistic returns, and e-commerce platforms that accept payment before disappearing. The Financial Sector Conduct Authority has urged consumers to verify the registration status of any financial service provider before transferring funds.
The SAPS Commercial Crime Unit has called for greater public-private cooperation in combating cyber fraud, noting that criminals often exploit the delay between an attack occurring and a report being made to reduce the chances of fund recovery. Banks have been urged to improve real-time fraud detection and to make their reporting processes faster and more accessible.
