Fake Tech Support Scams Targeting South African Consumers
South African consumers receive fake Microsoft, Apple, and bank fraud department calls that harvest remote access credentials, OTPs, and banking PINs, sometimes overlapping with 'vishing' operations specifically designed for the South African banking environment.
Part of: Fake Tech Support Calls
Last reviewed: 1 June 2026
Fake tech support scams are consistently reported to SABRIC and the SAPS as a high-volume fraud type in South Africa. Callers impersonate Microsoft, Telkom technical support, and major South African banks including Standard Bank, Nedbank, and Absa, often demonstrating knowledge of the victim's name, partial account details, and recent transactions to appear legitimate.
The 'screen sharing' variant is particularly effective: victims are directed to install AnyDesk and the scammer, once connected, accesses internet banking and transfers funds while the victim watches helplessly or is distracted.
How this scam works on South Africa
A victim receives a call from someone presenting as a Microsoft technician or Telkom DSL support agent. The caller directs the victim to open the Event Viewer on Windows and points to error messages as evidence of malware — these are normal system logs that appear alarming to non-technical users.
AnyDesk or TeamViewer remote access is requested to 'fix the problem'. Once connected, the operator either navigates to the victim's banking app directly or instructs the victim to log in while they watch, harvesting credentials in real time.
South African bank impersonation variants are closely coordinated: the caller says a suspicious transaction requires the victim to authorise a cancellation using the OTP sent to their phone. The OTP is used immediately to approve the fraudulent outgoing transaction.
Common red flags
- Unsolicited call claiming to be from Microsoft, Telkom, or your bank's fraud department
- Windows Event Viewer errors used as 'proof' of a virus — these are normal and not indicative of infection
- Request to install AnyDesk or TeamViewer to allow remote access from an unsolicited caller
- Bank caller asking you to read out the OTP sent to your phone to 'cancel' a transaction
- Caller who knows partial account or identity details but was not contacted by you first
How to protect yourself
- Hang up on any unsolicited call claiming to be technical support — call the company back using the official number
- Never install remote access software at the request of an unsolicited caller
- Never share an OTP with anyone, even a caller who appears to know your account details
- Contact your bank using the number on your card immediately if you suspect compromise
- Report vishing attempts to SABRIC at sabric.co.za
How to report it
- Report to SABRIC at sabric.co.za
- File a report with the South African Police Service (SAPS) at saps.gov.za
- Contact your bank's fraud department immediately if remote access was granted
Frequently asked questions
What should I do if I already gave a scammer remote access to my computer in South Africa?
Disconnect the device from the internet immediately. Change all passwords — especially online banking and email — from a different, clean device. Contact your bank's fraud line immediately to freeze accounts. Run a full antivirus scan. Report to SAPS and SABRIC. Do not pay any 'removal fee' that the scammer may later demand.