Fraudsters Exploit Temu, Shein Boom in South Africa With Worrying Scam

Fraudsters are capitalising on the explosive popularity of Chinese e-commerce platforms Temu and Shein in South Africa, sending fake SMS messages that mimic the companies’ local logistics partner to harvest credit card details for as little as ZAR 19.00 (USD 1.00), a senior banking official has warned.

Nick Harris, Head of Financial Crime at Capitec, said criminals have “hooked onto” the daily stream of delivery notifications South Africans receive from Buffalo Logistics, the primary courier service for both platforms. The scam texts claim an outstanding payment of around ZAR 19.00 is required before a parcel can be released, directing victims to a fraudulent payment page.

“Your parcel’s ready for delivery, you just need to make payment,” Harris told Cape Talk, describing the typical message. He warned that clicking the link does not pay a courier fee but instead harvests credit card details, which are then used for card-not-present fraud.

The scam’s modest ZAR 19.00 demand is deliberate, as it’s small enough to avoid scrutiny and plausible enough to trigger payment without a second thought. With Buffalo Logistics delivering real parcels daily from Temu and Shein—platforms that have exploded in South Africa’s price-sensitive market—a single fake message among legitimate updates is easily missed.

Harris noted the tactic extends beyond e-commerce. Fraudsters are also sending fake Financial Intelligence Centre Act (FICA) compliance messages, warning recipients their bank accounts will be frozen unless they click a link to update information.

In July 2025, Standard Bank flagged one such scam: “Your Standard Bank account is scheduled to be blocked in 2hrs due to fica failure update. Please update your profile to avoid this,” the SMS read. The bank confirmed it was not official communication and warned that the linked website, featuring a convincing spoof of the bank’s portal, was designed to harvest card details.

Standard Bank pointed out several red flags, such as grammatical errors atypical of legitimate communications. The recipient had set notifications to email-only, so any SMS claiming to be from the bank was automatically suspect, and the domain name did not resemble a Standard Bank address—another giveaway.

The e-commerce and FICA scams are part of a wider surge in digital fraud targeting South Africans. Fraud incidents rose 32% year-on-year during the recent festive season, according to Truecaller, with criminals exploiting high volumes of transactions, stokvel payouts, and parcel deliveries.

Banks warn that social engineering attacks are becoming increasingly sophisticated. Remote Access Trojan (RAT) scams, where criminals gain live access to victims’ devices, are on the rise. TymeBank’s Head of Fraud, Bonolo Sebolai, described RAT scams as “particularly dangerous because the criminal uses the customer’s own device at the same time as the customer”.

Security experts emphasise that no legitimate bank or courier service will request card details via SMS links. They advise that consumers should never click links in unsolicited messages and should navigate directly to official websites or apps to verify any delivery or account issues.

Featured Image Credits: Dado Ruvic/Reuters