The rise of AI‑driven fraud in South Africa is reshaping how criminals strike, but the underlying weapon remains the same: human trust. From deep‑fake voice calls that mimic a panicked manager to hyper‑personalised phishing mails written in Afrikaans or isiZulu, scammers are leveraging generative AI to make age‑old social‑engineering tricks more convincing than ever. Banks report a steep climb in digital theft, even as overall financial‑crime losses dip, highlighting a stark paradox that security teams must untangle.
South Africa’s banking watchdog, the South African Banking Risk Information Centre (SABRIC), disclosed that total financial‑crime losses fell 18 %, sliding from R3.3 billion in 2023 to R2.7 billion in 2024. The decline reflects tighter detection mechanisms across major banks. Yet digital‑banking fraud surged, with reported incidents swelling 86 %—from 52 584 cases last year to 97 975 this year—and associated losses jumping 74 % to R1.89 billion. The banking app emerged as the primary conduit, responsible for 65.3 % of all digital‑banking fraud incidents, up from 60 % previously; app‑related cases nearly doubled to roughly 64 000, costing over R1.2 billion alone.
How AI is amplifying social engineering attacks
Janike Stiglingh, Director of Product Marketing at Entersekt, explains that “the most common attacks we see are social‑engineering attempts leveraging AI to coerce users into approving legacy authentication.” A typical chain begins with an AI‑generated deep‑fake call, where the voice, cadence and intonation mirror a senior executive perfectly. The scammer then extracts a one‑time‑password (OTP) while the victim remains on the line, later using the credential to authorise a fraudulent transfer. By the time the deception is uncovered, the money has vanished.
Anna Collard, senior executive at security‑awareness specialist KnowBe4, describes the new threat as “classic deception with a force multiplier.” AI tools now churn out convincing phishing emails, falsified voice recordings, and even video deep‑fakes in minutes, tailoring each piece to local languages, cultural nuances and current events. “Seeing is no longer believing online,” she warns, underscoring how the blend of volume and personalisation is eroding the human firewall that once protected organisations.
A recent SABRIC breakdown paints a clear picture of where the pressure points lie:
| Metric (2023 → 2024) | Total incidents | % increase | Losses (R) | % increase |
|---|---|---|---|---|
| Digital banking fraud | 52 584 → 97 975 | 86 % | 1.09 bn → 1.89 bn | 74 % |
| Banking app cases | 36 000 → 64 000 | 78 % | 0.7 bn → 1.2 bn | 71 % |
| Overall financial crime | 3.3 bn → 2.7 bn | –18 % | – | – |
The table shows that while the total financial‑crime loss curve is descending, the digital‑banking subset is exploding, driven almost entirely by app‑based attacks. The takeaway is clear: legacy detection tools are missing the cascade of small, interconnected weak points that AI‑enabled scammers exploit.
Legacy security architectures often operate in silos, each monitoring a single slice of the threat landscape. When a phishing email lands, a separate system watches for anomalous login attempts, while yet another flags unusual fund transfers. If these tools do not communicate, the broader pattern remains hidden, and each isolated event appears too minor to trigger a coordinated response. Stiglingh stresses that “assuming the human will be fooled and building systems that catch what the human cannot” is the only way forward. Centralised visibility—aggregating logs, behavioural analytics and contextual intent across the entire digital ecosystem—is essential to recognise the tell‑tale sequence of a multi‑stage attack.
Collard’s remedy focuses on the human element: “digital mindfulness.” She advocates cultivating a habit of healthy scepticism, where employees question unexpected requests, verify identities through out‑of‑band channels, and pause before sharing OTPs or passwords. Simultaneously, organisations must deploy AI‑driven defence mechanisms that can parse subtle cues—voice stress, linguistic patterns, timing anomalies—that differentiate genuine communications from synthetic forgeries.
The arms race is now an AI‑versus‑AI duel. Criminals harness generative models to craft bespoke scams, while defenders turn to machine‑learning‑based anomaly detection, behavioural biometrics and real‑time threat‑intelligence feeds. Entersekt’s platform, for example, integrates risk‑based authentication that evaluates the context of each transaction, demanding additional verification only when the algorithm flags a deviation from the user’s normal behaviour. Such adaptive controls reduce friction for legitimate users while erecting barriers that can stop a deep‑fake‑laced fraud attempt in its tracks.
A further layer of protection comes from identity‑centric security, where access rights are tied to continuous verification rather than a one‑off password. Multi‑factor authentication (MFA) that incorporates biometric factors—fingerprint, facial recognition or voice‑print analysis—adds depth, making it harder for AI‑generated voices to succeed. However, as Stiglingh notes, even MFA can be subverted if the attacker first captures the OTP through a convincing deep‑fake call; therefore, context‑aware MFA, which assesses device health, geolocation and behavioural risk, is becoming the new standard.
South African banks have begun to respond. Several major institutions now roll out real‑time transaction monitoring powered by AI, flagging irregular patterns such as large transfers to new beneficiaries or rapid succession of high‑value payments. When an alert triggers, the system can automatically request secondary verification from the customer via a secure channel, effectively cutting the attack short.
Despite these advances, the human factor remains the weakest link. A survey of corporate employees conducted earlier this year revealed that 62 % of respondents admitted to sharing an OTP with a colleague or manager when pressured, underscoring how emotional manipulation still trumps technology. Training programmes that simulate deep‑fake calls and phishing attempts are proving useful, as they expose staff to realistic scenarios and reinforce the “pause and verify” mindset.
The evolving threat landscape also has regulatory implications. The South African Reserve Bank recently drafted guidelines urging financial institutions to adopt zero‑trust architectures, where no entity—human or machine—is automatically trusted based on network location alone. Zero‑trust mandates continuous verification, micro‑segmentation of networks, and strict access controls, aligning closely with the defensive strategies advocated by both Stiglingh and Collard.
As AI continues to lower the barrier for creating sophisticated fraud artefacts, South Africa’s financial ecosystem must pivot from a reactive, siloed posture to an integrated, intelligence‑driven approach. The battle is no longer about stopping a single hack; it is about detecting and disrupting the chain of trust‑exploiting actions before they culminate in financial loss. In this climate, organisations that embed AI into both their defensive tooling and their culture of digital mindfulness will be best positioned to protect customers and preserve confidence in South Africa’s digital banking future.