How To Avoid an eFiling Profile Hijacking

Written on 04/10/2024
Nexia SAB&T


SARS eFiling profile hijackings are becoming an increasingly concerning and common hazard. Reports of this type of cybercrime have peaked in recent months and both individuals and businesses must take proactive steps to prevent an attack.

This Cyber Security Awareness Month, it’s vital to understand how you could fall prey to cybercriminals. Improving your cybersecurity processes and relying on a trusted accountant can go a long way towards protecting you and your business.

“…it is vital that all stakeholders in the digital ecosystem, including the taxpayers, SARS, and the banks, work together to prevent and combat profile hijacking.” (SARS)

The recent spike in the number of SARS eFiling profiles being hacked by cybercriminals should raise red flags for every taxpayer. It’s got so bad that the Minister of Finance has given the Office of the Tax Ombud (OTO) approval to conduct a review of SARS’ service failures in assisting taxpayers timeously with eFiling profile hijacking. 

This is a type of cybercrime in which fraudsters use phishing, malware, or social engineering to access and modify your personal or professional profile on a digital platform like SARS’ eFiling without your knowledge or consent.

Has this ever happened to you?

  • You receive an email, SMS, or WhatsApp, seemingly from SARS, asking you to click on a link or attachment to update your profile, verify your information, or claim a refund. It appears legitimate, and not realising it’s a fake, you just do as the message says…         
  • You receive a call from someone pretending to be a SARS official, asking you to confirm your personal details or to click on a link, and you do, not realising that it will install malware on your device…
  • You are contacted by someone pretending to be a SARS official, offering you tax assistance or advice, and asking you to share your login credentials, OTP, or personal information with them, and you do…

Fraudsters use methods like these to trick you into revealing your login credentials. An alarming number of taxpayers have fallen victim to these unscrupulous predators, despite continuous system enhancements to secure and strengthen the security of SARS’ channels.

What could happen if my SARS eFiling profile is hacked?

Fraudsters can access and modify your details (e.g. contact number, password) without your knowledge or consent – with serious consequences for your tax compliance and financial security.

They can then also change the bank details to divert a SARS refund due to you into their own accounts. And they can even submit fraudulent returns on your behalf to claim refunds!   

How can I prevent profile hijacking?

Prevention is far better than cure. Here are a few pointers, direct from SARS.

  • Use a strong and unique password for your eFiling profile. Change it regularly.     
  • Don’t use the same password for other online accounts or services.
  • Never share your login credentials, OTP, or personal information with anyone, even if they claim to be from SARS.     
  • If you hear about a security compromise at any organisation you deal with, immediately log in to your account and update your password.        
  • Always access eFiling through the official website (https://www.sars.gov.za) or the SARS eFiling mobi app.    
  • Do not click on any links or attachments in emails, SMSes or WhatsApps that claim to be from SARS, and never “confirm” or submit your login details after clicking on a link.   
  • Keep your computer and mobile devices updated with the latest security software and antivirus programs.     
  • Activate multi-factor or “app” authentication on your eFiling profile. This will authenticate you every time you log in by sending an OTP message to your registered mobile number or email address or requesting you to authorise the action via your mobile phone.      

Source: SARS

We can help to keep you safe 

As your accountants, we are well versed in avoiding these scams. Whenever you receive communications that seem to be from SARS, simply contact us. 

  • We are alerted to all known scams claiming to be from SARS, so we can quickly help you to identify phishing attempts.   
  • We can check your eFiling profile and tax information regularly and report any discrepancies or unauthorized changes to SARS immediately.        
  • We constantly update our security details to ensure the safety of our profile and our clients’ profiles.

In summary

SARS itself recognises that profile hijacking is a serious crime that harms taxpayers. But prevention is always better than cure. Take proactive steps to protect your security and contact us whenever you receive communications that seem to be from SARS.


© 2020 Nexia SAB&T. ALL Rights Reserved. Nexia SAB&T is a member of Nexia International, a leading, global network of independent accounting and consulting firms that are members of Nexia International Limited. Nexia International Limited, a company registered in the Isle of Man, does not provide services to clients. Please see the “Member firm disclaimer” for further details.