Explainer: How “money mule” scams work
We asked the banks what they are doing to combat this type of fraud
South Africans probably lose hundreds of millions of rands annually to mule fraud. While the banks agree this kind of scam is growing, there is not yet a properly calculated estimate of the size of the problem. Graphic: Lisa Nelson
- Scammers are taking over bank accounts, often by paying account owners for a One Time Pin (OTP).
- People who have their bank accounts hijacked are called “money mules”.
- Here we explain why this happens, and what needs to be done.
Judith Hawarden must have been excited when she paid R5.5-million to ENS, the attorneys handling the sale of her new house. Unfortunately, she didn’t realise that the email she had received with the bank account details wasn’t from ENS but from a scammer. The email address ended ensafirca.com, not ensafrica.com, and quite understandably she didn’t notice this.
Before any of the parties involved in the sale realised what had happened, the money was transferred out of the bogus account and was gone.
For the next half-decade, Hawarden and ENS fought each other in court, each blaming the other for the loss. Hawarden won in the Gauteng High Court. But ENS then prevailed at the Supreme Court of Appeal.
When we read about the case, we wondered: where was the bank in all this? Why didn’t they manage to recover the money and reverse the transaction to the fraudulent account? Surely the bank knew who the fraudulent account belonged to? Why does FICA (Financial Intelligence Centre Act) verification not prevent this from happening?
In 2023, The Big Issue, the non-profit magazine sold by homeless people, almost went bankrupt because it paid R600,000 to a scammer R600,000 instead of to its printers. Again, the money couldn’t be recovered. GroundUp published an editorial calling on the bank involved to reimburse The Big Issue. “If FICA cannot prevent this kind of fraud, then its use is questionable,” we wrote.
It turns out that despite FICA, it’s still possible for the recipient of the money to evade identification by banks through what’s known as a money mule. A mule is a person who opens a bank account, goes through the FICA process, but then, either deliberately for a fee, or without realising it, gives control of their account to fraudsters.
In other words, the mule has passed FICA verification, but the account is not used by the person who passed verification. It is like asking an adult to buy you alcohol when you are underage as a teenager; the only requirement is that the liquor store checks if the purchaser is an adult, not who the alcohol is actually going to.

Example of an investment scam by fraudsters attempting to solicit payment into a mule account.
Mule recruitment happens in plain sight. On Facebook, fraudsters openly buy bank accounts on Marketplace and in various groups. They target students and unemployed people. They offer a commission in exchange for your banking login details and the One Time Pin (OTP) that gets sent to you by your bank. The OTP enables them to commit fraud using your bank account, with transactions approved by you directly.
The fraudsters then trick someone, like Hawarden or The Big Issue, into paying money into the mule’s account. The crooks then swiftly transfer money from the mule account, typically into a crypto wallet or gambling account. At this point, it becomes very hard, if not impossible, to recover the money. The bank knows who owns the account, but the owner – the mule – is uninvolved in the transaction.

Social media advert recruiting money mules.
We sent questions about mule accounts to the large banks. ABSA, FNB, Standard Bank, Discovery Bank and Capitec were very helpful. So was the South African Fraud Prevention Service (SAFPS), a non-profit organisation that works with the banks. SAFPS maintains a fraud database that financial institutions can access. The answers to the questions in this article are based on the replies we received from these institutions.
How big a problem is mule fraud?
One banker we spoke to estimated that mule fraud amounts to hundreds of millions of rands annually. Another banker told us fraud stats are significantly under-reported. This is in part because victims often don’t report the problem. Mule fraud is a growing problem, according to the National Financial Ombud Scheme South Africa and SAFPS.
But there is a lack of concrete data. As a banker explained to us, there has until now been no consistent definition of fraud categories across the financial sector. “When one bank reports digital malware as fraud, another institution may say they don’t see that as fraud.”
He explained that the Financial Sector Conduct Authority and the Prudential Authority have sat down with the industry to hammer out definitions and reporting standards. He expected that within a year, banks would be forced to report fraud against them or their customers monthly. “But whether [that data will be made] public or just [go] to the regulator, I don’t know.”
Why is it hard for the banks to prevent mule fraud?
There is a concerted effort to reduce bank fraud through mules, but it isn’t easy. Banks can’t delay every electronic payment while a verification process takes place with both the payer and payee — that would make banking impossibly slow.
We asked the banks why they can’t detect when an unusually large amount goes into an account and then delay the transaction while it is confirmed to be legitimate.
One bank explained to us that while “unusual or out-of-pattern transactions” are often suspicious, there are legitimate scenarios where unusual transactions are valid. Blanket delays based only on transaction size “could result in unnecessary friction,” the bank said.
Also, mule fraud has become more sophisticated. “It is no longer limited to newly-opened or obviously suspicious accounts,” a bank told us. “In many instances, mule accounts belong to longstanding, legitimate clients, which makes detection far more complex.”

Social media advertisement for mules.
What more could the banks do?
The banks that responded to us all said they have software in place to attempt to detect and stop suspicious transactions.
They also co-operate with each other to identify mules. And they have access to a database of fraudulent activities maintained by SAFPS.
But the volume of transactions is huge, and the banks have the competing interest of trying to make paying and being paid as frictionless as possible.
In a Daily Maverick video, Rebecca Davis suggests two measures that would reduce fraud: (1) banks should, by default, have to reimburse clients for fraud up to a certain amount (so that there’s a strong incentive for them to prevent it) and (2) the name of the payee that the payer specifies should be verified against the payee’s account name.
The banks, perhaps unsurprisingly, expressed scepticism about the first suggestion. One bank employee said that his bank does reimburse some victims of fraud, but with mule fraud, the victims have actually authorised the payments, so it’s not really the bank’s fault.
One bank told us that reimbursement could have “unintended consequences”, causing a “shift in customer behaviour, where individuals and businesses may take greater risks, knowing that losses could be refunded.”
Another bank pointed out that the banks already invest significantly in fraud prevention.
On the second suggestion, it was pointed out to us that some banks already offer an account verification option when paying. But the problem is that this costs the customer money. Presumably, few people use it, but this might change if it were a free service.
Account name matching would certainly help, but it wouldn’t eliminate mule fraud entirely because many mule accounts have the name of the intended payee but are not controlled by that payee.
And none of the measures discussed here would prevent scams that use money mule accounts, such as (1) “romance” fraud, where a person pays a large amount of money into the account of someone they believe, falsely, is in love with them, (2) marketplace fraud, where people are sold products from dodgy online sites at prices that really are too good to be true, and (3) investment fraud, where people are conned into investing money by paying into accounts from which the money is simply stolen.
This is an example of fraudsters gathering dating app accounts to do romance scams.
At least one bank, Capitec, makes you take a selfie before processing some payments. This makes it harder for the person who has hijacked a mule account to transfer the money they have been fraudulently paid into an onward account. Sometimes Capitec clients complain about this on social media, but it does protect them from fraud.
What more can the state do?
One bank pointed out that the Protection of Personal Information Act (POPIA), which came into effect in 2020, while an important protector of privacy, also slows down information sharing between banks, which makes it harder to trace fraudulent transfers. This is something that legislators could try to address.
Also, while none of the banks said this, it’s quite clear that the police have very limited capacity to catch fraudsters.
Another institution involved in eliminating fraud is the South African Banking Risk Information Centre (SABRIC). It works with the banks and the Hawks. It claims that it has helped strengthen the police’s “digital forensic analysis capacity and its ability to investigate and prosecute complex financial crimes” and that this “was necessary for South Africa to be removed from the Financial Action Task Force (FATF) grey list of countries that have weaknesses in their capacity to fight financial crime”. South Africa was removed from this list in 2025.
Also, since much mule fraud involves transferring money to crypto or gambling site accounts, stronger regulation of these might help.
What can you do to avoid being scammed?
When making large payments, it is best practice to verify the bank details telephonically. You can also use account validation services offered by your bank, even though they still cost money (and should be free).
One of the bankers we spoke to emphasised that romance scams, investment scams and online “too cheap to be true” product sales are the key things to be aware of. “Always consult friends and financial advisors,” he said. “Slow down” before making a payment.
He also advised that if you get a call saying that your money is about to be compromised, drop the call and call your bank’s fraud hotline to report it. Such calls are probably an attempt to get you to transfer your money into a mule account.
Support independent journalism
Donate using Payfast

Don't miss out on the latest news
We respect your privacy, and promise we won't spam you.
Next: “The clothing industry is being hammered from all sides”
Previous: Public Protector tells City of Cape Town to fix services at Langa Flats and Khayelitsha
© 2026 GroundUp. This article is published under the GroundUp Republication Licence Version 1.0. Email [email protected] to request permission to republish.

