Am I at risk of being scammed when using Sars MobiApp?
QI’ve received notice of a SA Revenue Service (Sars) tax refund via SMS and e-mail. I could tell from the website address (I did not click on it) that it was a hoax e-mail. I use the Sars MobiApp. Am I at risk of being scammed? – Anonymous via email.
ABrian Pinnock, cybersecurity expert at Mimecast, answers:
You are usually at risk of being scammed if you click on a link or open an attachment in an SMS or e-mail. (There are a few types of attacks that simply require you to open an e-mail, but these usually work only on older versions of e-mail software such as outdated versions of Microsoft Outlook.)
There are essentially two types of phishing attacks:
● Untargeted attacks. These are the most common and are usually conducted via e-mail (phishing) or SMS (smishing). Untargeted attacks are often
generic and usually don’t contain any of your personal details. You should still report these attempts to Sars with all details, such as the sender’s email or mobile number and the nature of the scam.
● Targeted attacks (spear phishing). These are usually conducted via e-mail, SMS or even scam phone calls. They often contain accurate personal details such as your name, identity number, address, account number or tax number. You should be concerned if you are in the crosshairs of a targeted attack as it means criminals have access to at least some of your information already. This type of attack is more serious, and one should be alert to the possibility that a SIM swap or pretexting attack has or may soon occur.
In both cases never click on links or open attachments. Always manually type in the full website URL rather than using your browser history or clicking on a link.
The Sars MobiApp has similar security to that of a mobile banking app and uses two-factor authentication which is strong but not infallible. Criminals usually use either a SIM swap technique or phone the victim on some pretext to try to get access to your one-time PIN.
Sars says on its website that it will never request your banking details in any communication that you receive via post, e-mail or SMS. However, for the purpose of telephonic engagement and authentication purposes, Sars will verify your personal details. Importantly, Sars will not send you any hyperlinks to other websites, even those of banks.
QWhere in the Sectional Titles Schemes Management Act or the regulations does it say that the
body corporate pays half of the cost of maintenance in respect of exclusive-use areas (EUAs)? I have been advised that according to the act, the body corporate (the trustees) must recover an additional contribution from the owners who are holders of the rights of exclusive use to defray the expenses and that these costs include insurance, rates, maintenance and repairs. But our managing agent says the body corporate must pay 50% and the owners with the EUAs must pay the other 50%. Is this accurate? — Name withheld
AAndrew Schaefer, the MD of property management company Trafalgar, responds:
An EUA is not part of an owner’s section but a special category of common property, which suggests that the body corporate should always be responsible for its maintenance and for the associated maintenance supervision, but this is not always the case.
Though the legislation does provide for the body corporate to recover the costs of that maintenance — in most cases — by way of an EUA levy, there is no provision for exactly how this charge should be calculated, or that only 50% of the maintenance costs for the EUA should be recovered from the owner concerned.
To resolve this issue, one must first look at how a specific EUA was created, so as to determine who is responsible for its maintenance.
If the EUA was created in terms of the original sectional
title plan for the scheme, then the body corporate is responsible for maintenance and the owner must pay an exclusive-use levy to cover the costs of that maintenance.
If the EUA was created in terms of the specific rules of the scheme, and those rules don’t specify anything about maintenance, then the body corporate will be responsible for maintenance and must recover an EUA levy.
However, if the EUA was created in terms of the rules of the scheme and these rules stipulate that the owner is responsible for maintenance, the body corporate cannot recover an EUA levy.
In cases where an EUA levy is payable by the owner, work out how this should be calculated. In practice, the total annual maintenance, rates and insurance costs for the EUA should be quantified to justify a monthly charge raised on the levy account.