Criminals targeting South Africans using banking apps and digital wallets on their phones

Discovery Bank has warned about the rise in fraud cases in South Africa, with criminals increasingly targeting smartphones to gain access to their banking apps and digital wallets. 

In a message to clients on 20 June, Discovery Bank cautioned that criminals are exploiting mobile devices to access victims’ banking services. 

Once a phone is stolen, fraudsters can bypass security features by decrypting or jailbreaking it and adding their own biometric data. 

This enables them to access digital wallets or make unauthorised transactions. The bank urged customers to treat their phones as seriously as they would their bank cards and to act immediately if their devices are lost or stolen.

“Protect yourself. Use strong PINs and passwords, avoid easy-to-guess ones like birthdays. Never save banking credentials on your phone,” the bank said. 

“Regularly check your accounts for suspicious activity, and if your device goes missing, call your bank immediately to block it and change all financial passwords.

The warning comes amid a sharp rise in digital fraud attempts across the country. According to the 2025 KnowBe4 African Cybersecurity & Awareness Report, mobile financial services have exploded.

The report noted that 95% of surveyed respondents using mobile payments or mobile banking. 

South Africa significantly contributes to this, with 50% of participants reporting regular mobile banking usage, well above the 36% continental average. 

While this reflects the country’s rapid adoption of digital finance, it also widens the net for criminals.

Discovery Bank’s latest SpendTrend25 report, based on a survey of 1,000 high-earning South Africans who actively use credit cards, showed that public anxiety over banking security is on the rise. 

More than 60% of respondents said they are more concerned about digital fraud now than they were a year ago, and 63% reported either falling victim to card fraud themselves or knowing someone who has. 

An overwhelming 76% said they had received scam messages through email, SMS, or phone calls.

South Africa is a hotspot 

The statistics underscore a broader trend. According to the South African Banking Risk Information Centre (SABRIC), card fraud in South Africa rose by 9.1% between 2022 and 2023, with losses climbing from R414 million to R452 million. 

The majority (over 80%) was classified as card-not-present (CNP) fraud, which occurs when criminals use stolen card information to make purchases online without needing the physical card. 

CNP fraud alone accounted for R338.5 million in losses, reflecting an 18.4% increase year-on-year.

SABRIC’s survey of 29 banking fraud professionals from nine of the country’s top banks also revealed the most pressing concerns in the cybersecurity space. 

52% of respondents flagged fraud types such as authorised push payment (APP) fraud and voice phishing (vishing), while 48% were concerned about phishing and smishing (SMS phishing). 

35% flagged SIM swap fraud, which allows criminals to intercept one-time passwords and calls.

The issue of mobile phone theft is also escalating. Data from the South African Police Service (SAPS) revealed a troubling increase in stolen devices. 

On average, 189 cellphones are stolen each day. Between April 2017 and March 2023, SAPS recorded 412,998 stolen handsets, but only 29% of them were blacklisted by mobile service providers. 

Gauteng led the country with 29% of reported thefts, followed by the Western Cape (26%), KwaZulu-Natal (20%), and the Eastern Cape (7%).

More recent statistics suggest the problem may be significantly worse. Between October 2024 and January 2025, SAPS recovered 116,293 stolen phones, an average of 1,292 per day. 

These figures point to the scale of the illegal mobile phone trade and the potential for widespread digital banking fraud when these devices are compromised.