As the holiday season approaches, a perfect storm of digital banking fraud is sweeping across the globe, leaving consumers, especially the most vulnerable, facing mounting threats to their financial security. In South Africa, Discovery Bank sounded the alarm on October 14, 2025, warning customers about a rising tide of flight scams exploiting social media and fake travel agents. But this isn’t just a local problem—across continents, regulators, banks, and consumer advocates are grappling with a surge in sophisticated scams powered by artificial intelligence (AI) and new digital tactics, putting billions at risk and exposing deep flaws in the financial safety net for society’s most at-risk individuals.
According to Discovery Bank, fraudsters have been posting bogus airline ads on social platforms, luring unsuspecting travelers into contacting sham agents via WhatsApp. Victims are coaxed into downloading counterfeit airline apps, which, unbeknownst to them, grant criminals remote access to their devices. The endgame? The moment a victim logs into their banking app, the screen goes blank—and unauthorized transactions drain their accounts. “Once access is gained, the fraudster instructs the victim to log in to their banking app. The screen then goes blank and unauthorised transactions are made,” the bank warned, as reported by BusinessTech.
Discovery Bank’s advice is straightforward but crucial: book flights only through official airline websites or trusted agencies, never disable your phone’s security settings, and never share banking details, PINs, or one-time passwords. The bank also urges vigilance against high-pressure tactics, like urgent or limited-time offers, and recommends verifying both the identity of anyone you’re dealing with and the authenticity of any discount offers.
This warning comes amid a dramatic surge in digital fraud complaints across South Africa. The National Financial Ombud Scheme (NFO) reported a staggering 73% increase in digital banking fraud complaints—from 1,436 cases between January and May 2024 to 2,483 over the same period in 2025. For the first time, digital fraud complaints have surpassed ATM fraud cases, with over 3,300 additional incidents reported in just over a year. Major South African banks—including Absa, Capitec, Nedbank, and Standard Bank—have all flagged phishing as a persistent and growing threat.
The numbers are sobering. The South African Banking Risk Information Centre (SABRIC) estimated that financial crime cost South Africans R2.72 billion in 2024 alone, with digital banking fraud accounting for R1.89 billion. Banking app fraud emerged as the single largest contributor, responsible for more than 65% of all digital banking fraud cases and resulting in losses exceeding R1.2 billion. Ulrich Janse van Rensburg, Absa’s chief fraud strategy and analytics officer, told BusinessTech, “We’re also seeing a significant increase in investment-and-false goods scams linked to mobile payments that surface on social media platforms.”
But the digital fraud wave is far from confined to South Africa. In the United States, the FBI issued a stark warning on October 13, 2025, about a so-called “phantom hacker” scam that has drained more than $1 billion from seniors’ retirement accounts. The twist? Fraudsters are now leveraging artificial intelligence to supercharge their schemes. The scams often start with a phone call or email that seems to come from a loved one or a bank, but it’s actually AI-generated deception. “The thought that AI regulate some of these very complex schemes is not a far-fetched thought at all anymore. It’s something it’s directly capable of doing,” said Alex Heeran, treasury manager at Midwest One Bank, as reported by KCRG.
Heeran emphasized that while seniors are prime targets due to having more cash on hand, the rise of AI means everyone is now at risk. “It’s 73% of Americans,” Heeran noted. “This is something that affects unanimously everybody, kind of across the board, and it’s just, you know, which type of scheme are you going to see and how frequently you’re going to be targeted.”
Heeran’s advice echoes that of Discovery Bank: change passwords regularly, never share personal information over the phone, and consult a trusted third party if something feels off. He added, “Just be careful, cognizant, right, of giving out any personal information. Make sure you’re changing, kind of, those passwords, and that’s on your banking. That’s also on your Amazon account, your Kohl’s account, anything of, kind of, you know, that nature. And then you know, again, just pause, because I think you know these deals are really good. But you know, with this Black Friday sales lasting a whole month, you really shouldn’t be in that much of a hurry.”
Regulators are scrambling to keep up. Unathi Kamlana, Commissioner of South Africa’s Financial Sector Conduct Authority (FSCA), underscored the need for a “sophisticated, coordinated, and collaborative response” involving banks, telecom providers, law enforcement, and regulators. Criminals, he warned, “operate as organised networks, sharing data, tools, and tactics across platforms, sectors, and borders. Increasingly, they are deploying artificial intelligence to stay one step ahead of traditional controls.”
To combat these evolving threats, the FSCA has launched its Digital Banking Fraud Project, focusing on fraud risk mapping, real-time monitoring, consumer education, and disrupting criminal money flows. The Authority has also intensified its oversight of financial institutions, insisting that fraud risk be treated as a governance and conduct issue at the highest levels of management.
Yet, amid this surge in digital crime, some of the most vulnerable are being left behind by the financial system. On October 14, 2025, Martin Lewis’s charity, the Money and Mental Health Policy Institute, raised the alarm over the security of finances for people with mental health issues. The charity revealed that one-in-five individuals with mental health problems share their PIN or bank details with someone managing their finances—a risky but often necessary step due to a lack of safer options. Research from 2019 had already shown that two-fifths of people with mental health problems need help managing day-to-day finances.
Martin Lewis, the well-known consumer champion, stated, “People want to be responsible for their own money. Yet some struggling with mental health issues know there are times they can’t be responsible ... so the responsible thing for them to do at those times is to get a trusted family member or friend to help. Yet when they try, often the cogs of the financial system seize up. The tools needed just aren’t widely available.”
The charity is pushing for banks to offer a standard package of tools to make it easier and safer for people to delegate money management. This includes carers’ cards, third-party account notifications, and payment controls to block risky transactions like gambling. Helen Undy, chief executive of the Money and Mental Health Policy Institute, put it bluntly: “For many people with mental health problems, getting the support of a loved one to manage money is the difference between keeping their head above water financially or falling into serious money problems. It is unacceptable that people have to put themselves at risk of harm to get that support because banks aren’t providing the right tools to do this safely and easily.”
Banks acknowledge the challenge. Kathryn Townsend, head of customer vulnerability at Nationwide Building Society, said, “The findings highlight the need for accessible and flexible tools that enable individuals to get the support they need safely.” UK Finance, which represents the banking industry, noted that while tools like third-party access options and limited-use cards for carers exist, legal responsibilities can make implementation complex.
The digital banking revolution has brought convenience and efficiency, but also a new era of risk. As fraudsters deploy ever-more advanced tools, from AI-powered voice scams to remote device takeovers, the need for robust, accessible, and inclusive protections has never been greater. For now, vigilance, strong passwords, and trusted relationships remain the best defense in a landscape where the stakes keep rising—and the rules are constantly being rewritten.
