South African taxpayers are being urged to stay alert as fraudsters prepare to exploit the country’s 2026 tax season. With SARS set to begin auto assessments in July, banks and fraud specialists are warning that criminals are already using fake refund notices, payment demands and phishing messages to target consumers.
Standard Bank says tax season remains one of the busiest periods for financial scams because millions of people expect communication from the South African Revenue Service (SARS). Criminals use that expectation to make fraudulent emails, SMSes, WhatsApp messages and phone calls appear legitimate.
SARS auto assessments will run from 1 July to 12 July 2026, while the filing season for non-provisional taxpayers opens on 13 July and closes on 23 October 2026. Non-provisional taxpayers are generally salaried employees whose employers deduct PAYE throughout the year. Because many of these taxpayers receive assessments or tax-related notifications during this period, they can become easy targets for scams designed to mimic official SARS communication.
According to Standard Bank Head of Fraud Operations Marius le Roux, fraudsters often rely on fear, urgency and confusion to convince victims to act without verifying information. Criminals frequently impersonate SARS officials, bank representatives or law enforcement authorities to gain access to banking profiles, steal personal information or persuade people to transfer money.
Fake tax debt notices remain a major threat
One of the most common scams involves messages claiming that a taxpayer owes money to SARS. Victims may receive an email or SMS stating that there is a problem with a previous tax return or that immediate payment is required to avoid penalties, legal action or account restrictions.
These messages often include realistic-looking documents, reference numbers and banking details. Some fraudsters even offer discounts for immediate payment to create additional pressure. However, taxpayers should be cautious of any request that demands urgent action without allowing time for verification.
Another variation involves fake banking details. Criminals provide an account number and claim it belongs to SARS, hoping taxpayers will transfer funds before checking the information through official channels.
How secure account scams work
Standard Bank has also warned about so-called “secure account” scams. In these cases, fraudsters tell victims that their money is at risk due to suspicious activity and must be moved to a safe account while an investigation is conducted.
Criminals may claim to be working with a bank, SARS, the police or another government authority. Financial institutions repeatedly stress that customers will never be asked to move money to another account to keep it safe.
Cybersecurity specialists note that similar tactics are being used in a growing number of digital scams and phishing attacks, where fraudsters exploit trust in recognised organisations to obtain sensitive information.
Fake refunds, QR codes and phishing websites
Tax refund scams remain one of the most effective methods used by criminals. These messages typically claim that SARS owes the taxpayer money and provide a link to verify banking information or process the refund.
Fraud experts warn that some scammers are using domains that resemble official government websites. One example highlighted recently is sarsdue.xyz, which is not affiliated with SARS. Taxpayers should remember that legitimate SARS online services operate through official government channels and not through suspicious third-party websites.
QR codes, email attachments and links contained in messages can also pose significant risks. Clicking a malicious link or scanning a fraudulent QR code may install malware, redirect users to fake login pages or expose banking credentials, card information and one-time PINs.
Fraudsters are also targeting taxpayers with fake auto-assessment notices, asking them to update banking details, verify compliance status or complete a tax process through a link. These messages are designed to capture sensitive information rather than assist taxpayers.
Read More
The safest approach is to visit SARS directly through its official website at sars.gov.za rather than using links received through messages. Taxpayers should independently verify payment requests, avoid sharing passwords or OTPs, and treat any unexpected communication with caution.
Suspicious SARS-related emails, SMSes or websites can be reported to phishing@sars.gov.za. Taxpayers can also contact the Fraud and Anti-Corruption Hotline on 0800 00 2870.
As filing season approaches, experts say the simplest defence remains the most effective: pause before clicking, verify before paying and always confirm information through official SARS channels.
Make Swikblog your go-to source on Google for reliable updates, smart insights, and daily trends.
