All About Google
Digital Pickpockets Getting More Efficient
Possible accomplice to digital fraud; by acts of commission or omission
In Brief
- We had asked, how many other Freddies were out there? We didn’t expect them to be more enough to crash our mail-server.
- While Nedbank’s Annaleigh Vallie (Executive Head: Integrated Communications) didn’t even bother to try to beat her counterparts at Standard Bank, her vastly-resorced team appeared not to have undertaken any believable investigations, but instead just confirmed our findings and made refunds for loots that had benefited their books for months.
- The wonder we are still left with is; how do these fraudsters get to know which bank accounts to attack considering the discovery that most of Ndayishimiye account would start soon after the account received some deposits and would go quiet when the account is overdrawn! Could there be players within the banks!
- We have learnt our lesson, hence not going to ask how many other victims are out there, we don’t want our mail-server to be jammed again
- Why should these banks wait for an under-resorced uSpiked to draw their attentions to individual cases before doing the right thing by their clients (consumers)?
When we first reported on the digital pilfering of one Freddie, we asked, in the naïveté of the uninitiated: How many other Freddies could there possibly be? What we did not anticipate was that Freddie was less an exception and more a franchise model.
Within hours of publication, our inbox became a confessional booth for the digitally dispossessed. Hundreds of South Africa’s consumers wrote in, each with the same quiet horror: unexplained debits, all bearing the unmistakable imprimatur of Google. uSpiked did what any self-respecting publication would do when confronted with a systemic haemorrhage, it summoned its full-complement of Investigative Journalists, data scientists, (most working remotely from across the world) and, eventually, strong coffee.
From the evidence now in our possession, one fact stands out with admirable democratic consistency: not a single South African bank appears exempt.
The first to write to us was Mr Regis Ndayishimiye, a legal immigrant from Central Africa and proprietor of Shaka Computer Solution, an internet café in Mowbray. His case did not merely open a Pandora’s Box; it smashed it with a sledgehammer. At the centre of this unfolding theatre stand two unlikely dance partners: the banks and Google.
Banks, it would appear, do not merely observe fraudulent transactions, they invoice them.
It is noteworthy that both Freddie and Ndayishimiye are legal immigrants from Central Africa with French being their primary language; so one can imagine the two and others like them trying make their cases to local consultants at the local banks.
Mr Ndayishimiye, who banks with Nedbank Limited, provided statements covering 10 November 2025 to 06 February 2026. In just six pages, we counted forty-two (42) Google-associated debits, accompanied by an equal number of charges politely labelled “Cross Border”; a phrase which here seems to translate loosely as administrative applause for theft by Nedbank.
Our preliminary findings suggested that through the 42 transactions, R7,432.59 had been siphoned off from Ndayishimiye account. Nedbank, in turn, appeared to have earned R204.16 in fees for facilitating the privilege. That is 2.75% of the loot.
Naturally, we reached out to the two provided directors of Google South Africa (Pty) Ltd (m2006/035611/07); local custodians of the sprawling empire known as Google LLC to inquire how, precisely, fraudsters were redeeming funds through their systems. Silence, as they say, is golden. In this instance, it was also deafening.
The two director who have ignored are queries are provided as that provides as its directors; Valentine Anthony Bohan and Nancy Mable Walkers of County Westmeath, Ireland and Los Altos, Ca, 94022, USA respectively.
Their mutual silence could be attributed of their knowledge of the stipulation of Section 77 of the Companies Act 71 of 2008 that warns that the directors may be held personally liable for losses if they:
- Authorise unauthorised transactions.
- Approve false or misleading financial statements.
- Allow reckless or fraudulent trading.
This corporate quietude arrived even after Google concluded a settlement with the Competition Commission last October over its impact on South African media. As one door seemed to close in the last quarter of last year for this Big-Tech, it was opening another; preferably onto someone else’s bank account.
Eventually, Nedbank confirmed that the fraudulent activity dated back to September 2025 and that forty-two transactions totalling R7,677.45 had been refunded.
Here is Nedbank’s response in full: “Please see response from Nedbank. Comment can be attributed to a Nedbank spokesperson.
“Following an internal investigation, we can confirm that this card fraud case dates back to September 2025. We can also confirm that all Google transactions from November 2025 onwards (42 transactions totalling R7,677.45 including fees) have been refunded.
“Nedbank takes the safety and security of its clients seriously and is committed to protecting its clients against fraud.”Admirable until one recalls the German proverb: Der Teufel steckt im Detail.
If the fraud began in September, and if the perpetrators typically execute multiple debits simultaneously, then logic dictates the number of transactions must exceed forty-two; the exact total recorded between 10 November 2025 and 6 February 2026.
This dance, we regret to report, has become less a waltz and more a stampede.
uSpiked is therefore considering referring the affected consumers who have contacted us to the National Consumer Commission, whose statutory authority may prove more persuasive than our increasingly exasperated emails.
*Additional data processing by Miguel García of San Francisco, California