Skip to main content
All CollectionsFirst Aid Kit
Fraud prevention guide
Fraud prevention guide
Updated over a week ago

We’re serious about your safety, and protect all our customers’ details and transacting activity with bank-level 3D security and anti-fraud technology (find out more here).

Remember, Yoco will NEVER ask for your password or login information, via email or over the phone.

Never give your password to anyone, especially not if they claim to work for Yoco!

If you suspect that someone has taken control of your bank account (linked with your Yoco profile) or your Yoco profile, follow these steps immediately:

STEP 1: Try logging into your Yoco Profile from the App or Portal.

If you can’t log in, skip ahead to step 2...

Once successfully logged in, change your password/passphrase (here), and make sure it’s strong and complex.

Need help strengthening your password/passphrase?

  1. A complex password is a minimum of 8 characters and contains a combination of lowercase, uppercase, numbers and special characters.

  2. A passphrase is typically longer than 15 characters, but not as complex and easy to remember. For example, using a passphrase like “drivingingintherain$ucks1985” (Please don’t use this as a password. Make sure it’s something you’ll remember).

  3. Verify all your details: check that your email address, contact number(s), bank account details, business information, and profile settings are all correct. If you haven’t already, add your cell number to your profile while you’re at it. This’ll help us stay better connected in future.

  4. Look at the numbers: Go to your live sales history from the Business Portal (here) and analyse your recent transactions for anything that looks suspicious.

If you have access to your profile and can check out what’s happening, you can skip ahead to step 3...

STEP 2: If you can’t log in, try password recovery

You should get an email at the same email address that’s linked with your Yoco profile, with quick and easy instructions for resetting your password/phrase.

If password recovery works, go back to Step 1 above

If you don’t receive the password reset email, or can’t complete password recovery for any other reason, move straight on to Step 3...

STEP 3: Contact Yoco Support or email [email protected]

Tell us everything that’s been happening in as much detail as possible, anything you’ve noticed on your profile or bank account that seems off, and how you think your account(s) may have been compromised. We’ll do our utmost to get to the bottom of things, together.

Important details to share with us:

  1. Can’t access your profile? If password recovery has failed and you can’t see what’s happening on your Yoco profile, tell us so we can urgently freeze your account.

  2. Anything out of the ordinary happen lately? Things like, if you’ve recently logged into your Yoco profile from a new device; clicked on an email that you thought was from Yoco; or received any communication about your Yoco profile or bank account that seemed a little strange.

  3. Get your papers ready: We’ll first need to verify that you’re the rightful Yoco account holder for security reasons. This won’t take long, so please have your FICA information on hand — usually, that’s just your ID and bank details, but if you had to submit extra documents during signup (for FICA) you’ll also need to have those ready.

The different types of fraud and how to beat them

Card payments will help your business grow, but they also open the door for fraudsters.

1. Card Not Present (CNP) fraud

CNP fraud can happen without the card or cardholder even being present. Fraudsters can memorise or copy your card number, expiry date, and 3-digit card validation code (on the back of your card) when you’re using your card to pay.

Your card information could then be used for fraudulent transactions online, even though your card is still in your possession.

How to prevent CNP fraud:

  • Stay alert when using your cards and making payments.

  • Don’t let your card out of your sight when making payments.

  • Check that you’ve received your own card back after every purchase.

  • Sign your card on the signature panel as soon as you receive it.

  • Review your account details and transactions on a regular basis.

2. Card skimming

Fraudsters can duplicate your card, by ‘skimming’ or copying your card details with a device that they’ve placed in an ATM or POS card slot. To get your PIN, they’ll either set up a hidden camera, or watch you type it in.

While you can’t prevent your card from being skimmed, you can prevent fraudsters from learning your PIN.

How to keep your PIN safe at ATMs:

  • Always cover the ATM keypad when entering your PIN.

  • Always be careful and alert when using an ATM.

  • If, for any reason, you become suspicious, cancel the transaction and remove your card.

  • Never let your card out of your sight when using an ATM.

3. Card swapping

Fraudsters can offer assistance at ATMs to distract you, so they can see your PIN. Then they either swap your card (you get another card, thinking it’s yours) or your card gets ‘swallowed’ by the ATM via a trapping device installed by the fraudster.

One of the most recent scams is that fraudsters offer to sanitise the ATM or your card, in order to distract you.

How to prevent card swapping:

  • Never accept help from strangers at an ATM.

  • If someone interrupts you, cancel the transaction, remove your card and leave immediately.

  • Always check that the card you receive is your card.

4. Lost or stolen cards

If you misplace or lose your card, contact your bank or credit card issuer right away. They can block your card and account number so no one else can use them, and give you a new card and account number.

Fraudsters will try to use any cards that are lost or stolen in order to get as much money as possible.

Steps to take if your card is lost or stolen:

  • Immediately contact and report the card to the bank.

  • Make sure your cards are in your possession or in a safe place at all times.

5. Account takeover

Account takeovers fall under cybercrime. A cardholder unwittingly gives personal information (such as their home address, mother’s maiden name, etc) to a fraudster.

The fraudster then contacts the cardholder’s bank, reports a lost card and change of address, and obtains a new card in the victim’s name.

Steps to prevent an account takeover:

  • Have a strong password for any access to important information.

  • Regularly change all your secure access passwords.

  • Have strong security questions for any access to important information.

  • Enable two-factor authentication for any access to important information.

6. Remote Access

This tactic is used to install malicious software in order to access your banking information. You may get a request to install software on your smart device.

If you suspect you’re a victim of a remote access scam:

  • Block your banking profiles immediately.

  • Contact your bank for further assistance.

7. SMS Scam

This scam involves fraudsters contacting you via SMS, requesting that you share your banking login details, (like username or password) in order to deactivate your online banking profile.

Banks will never ask you to share your banking credentials with them.

8. Vishing

This is when fraudsters pose as employees of financial institutions, in an attempt to persuade you to share your personal banking information over the phone.

Once they get the information, they’ll have access to your personal bank account and withdraw/spend your money.

Please take note:

  • Financial institutions will never ask you to share personal information, such as a pin or password for your bank account, over the phone or any other channel.

  • Financial institutions will never ask a customer to perform a transaction or reverse a transaction, over the phone or any other channel.

  • If you receive such calls, end the call immediately and block the caller's number.

9. Phishing

This is the most common scam out there. This is when a fraudster sends you a link, which will direct you to a fake website that requests your personal and financial information.

Never click on a suspicious link, rather type the web address of the company into your search engine.

Please take note

  • Never click on links in emails or on websites that you don’t know.

  • Only trust websites with a lock symbol next to the url address.

  • Don’t enter your financial details, card or CVV number unless you’re sure you’re using a safe and trusted website.

Did this answer your question?