AI is revolutionising fraud tactics amid the festive shopping surge. (Image: iStock) 
As South Africans move into the peak of the 2025 festive season, the traditional surge in online shopping, travel bookings and digital payments is being matched by a parallel rise in criminal sophistication. While year-end fraud is not new, the tools being deployed by syndicates have evolved sharply, with artificial intelligence increasingly reshaping how scams are designed, scaled and executed.
Recent warnings from the South African Banking Risk Information Centre (Sabric) suggest that fraudsters are exploiting festive-season behaviour – urgency, distraction and higher transaction volumes – using AI-enabled techniques that blur the line between legitimate communication and deception. The result is a risk environment in which familiar safeguards are becoming less reliable, just as consumer exposure peaks.
The data anchor: what Sabric is warning about
Sabric’s Annual Crime Statistics Report for 2024 provides a stark baseline. Digital banking fraud accounted for 65.3% of all reported financial crime incidents during the year, with banking apps emerging as the primary attack surface. Total financial crime losses reached R2.72-billion, of which R1.89-billion was attributed specifically to digital banking fraud.
Sabric notes that most of these losses did not stem from system breaches or technical failures, but resulted from social engineering – scams that manipulate victims into authorising payments or handing over sensitive information themselves. This distinction matters, because it places the front line of risk not inside bank infrastructure, but at the point of interaction between consumers and increasingly convincing digital communications.
Read more: AI scams surge — Nelson Mandela University experts warn people to adopt ‘zero trust mindset’
How AI is amplifying social engineering scams
Artificial intelligence has significantly lowered the cost and complexity of executing social-engineering attacks. Where scammers once relied on poorly written emails or generic scripts, AI now allows for polished, personalised and scalable deception.
According to Sabric, several AI-enabled methods are becoming more common during peak shopping periods:
Deepfakes: AI-generated audio or video that mimics trusted figures such as bank officials, company executives or family members, creating a sense of urgency and authority;
Phishing: Emails or messages crafted with AI tools to appear linguistically flawless and contextually relevant;
Vishing and smishing: Voice calls or SMS messages that imitate legitimate institutions and exploit time pressure; and
Quishing: Fake or manipulated QR codes embedded in emails, flyers or delivery notices that redirect users to malicious sites.
The impact of AI lies less in inventing new scams, rather than in removing traditional warning signs. Errors, awkward phrasing and generic greetings – cues many consumers have learnt to distrust – are increasingly absent.
Why the festive season magnifies exposure
Seasonal behaviour plays directly into these dynamics. Events such as Black Friday, Christmas promotions and year-end travel create compressed decision-making windows, where consumers are more likely to click links, respond quickly or override hesitation.
A common festive-season scenario involves a call or message claiming to flag suspicious activity on an account. With AI-generated voice cloning, the interaction may sound convincingly official. Victims are then prompted to “verify” transactions by sharing a one-time PIN or approving a payment – actions that banks explicitly warn against, but which feel plausible under pressure.
The combination of emotional spending, time scarcity and heightened digital traffic gives fraudsters a uniquely fertile operating environment.
Beyond banking: travel, deliveries and fake deals
The risk landscape extends well beyond direct banking interactions. Industry data on rising fraud risk from Truecaller, a global caller-identification and spam-blocking service, indicates that South Africa is entering its highest scam-risk period in five years, with reported fraud attempts up 32% year-on-year.
Travel-related scams are a growing concern. Discovery Bank recently warned about a spike in fake flight deals advertised on social media. These schemes often divert victims to WhatsApp conversations, where they are encouraged to download fraudulent airline apps. Once installed, these apps can grant remote access to a device, enabling unauthorised transactions while the user remains unaware.
Courier scams follow a similar pattern, exploiting festive-season delivery volumes with messages about “missed parcels” or small “release fees”. Elderly individuals, stokvel members and small business owners are particularly exposed, since scammers tailor messaging around expected year-end payouts and shared accounts.
Practical guidance: arming consumers for the holidays
Because social engineering scams exploit behaviour rather than technology, prevention depends on awareness and verification. Based on guidance from Sabric and banking-sector alerts, several principles are especially relevant during the festive season:
Verify independently: Banks and couriers do not request PINs, passwords or one-time codes. Any urgent request should be treated as suspect and verified through official channels;
Control the channel: Avoid clicking links or downloading apps sent via SMS, email or WhatsApp. Access services directly through known websites or official app stores;
Question urgency and value: Deep discounts and “limited-time” offers are common entry points for fraud; and
Monitor actively: Transaction alerts and frequent statement checks reduce the time between compromise and response.
Vigilance as a shared responsibility
The shift from physical banking crime to app-based fraud signals a broader transformation in financial risk. Security is no longer confined to institutional systems; it increasingly depends on informed user behaviour.
In a digital economy, vigilance has become not just a precaution, but a necessary form of financial self-protection, and as online payments and shopping continue to expand in 2026, these AI-driven risks are likely to remain a central concern for consumers and institutions alike. DM