A South African woman has lost R120,000 after downloading a fake app that promised discounted airline tickets, in what authorities describe as a sophisticated online scam.
The woman came across a social media advert offering cheap flight deals and entered her contact details through a link that appeared legitimate. Shortly afterward, she received a WhatsApp message from the supposed “agents,” who instructed her to download an app from the Google Play Store to access special promo codes.
Unaware that the app was malicious, she installed it — giving scammers access to her phone and banking information. Moments later, she noticed two unauthorized transactions from her account totaling R120,000.
Acting quickly, she reported the fraud to her bank and the police within half an hour, but it was too late. The money had already been transferred and spent. Her bank refused to refund her, stating that the transactions were verified using biometric authentication — a selfie confirmation done on her phone.
The woman then took her case to the National Financial Ombud (NFO), hoping to recover her loss. However, the investigation revealed that the fraud was caused by a malware-infected app that gave criminals remote access to her phone, allowing them to mimic her biometric data and approve the transactions.
The NFO concluded that the bank could not be held liable since there was no evidence of negligence or system failure on its part. Instead, the compromise came from the woman’s interaction with the fake third-party app.
Officials have since warned the public about the growing threat of such scams, which use realistic-looking apps and fake websites to steal personal data. Consumers are urged to only download apps from verified developers, check reviews, and avoid granting unnecessary permissions to unknown apps.