The South African salvage car industry is under scrutiny once again—this time not because of the vehicles, but because of potential internal vulnerabilities at one of its largest players: Salvage Management & Disposals (SMD).
Recent scam alerts issued by SMD (see image below) raise critical concerns: how are fraudsters gaining access to client information, invoice details, and auction activity?
This wave of fake invoice scams suggests that someone—somewhere—may be gaining access to sensitive buyer data. So we’re left asking the question:
Is SMD suffering from a data breach, or is there insider involvement enabling this fraud?
We’re not pointing fingers—yet. But the signs are too serious to ignore.
🕵️♀️ The Red Flags: What’s Really Happening?
Buyers have reported receiving fraudulent payment requests that mimic SMD invoice layouts, complete with customer details, vehicle info, and deposit instructions. This suggests the scammers may have inside knowledge or access to systems meant to be secure.
Some uncomfortable but necessary questions:
- How are scammers replicating invoice formats so accurately?
- How do they know which buyers won recent auctions?
- Why do scams often hit right after a successful bid?
If these scams were purely random, they wouldn’t be so specifically timed or tailored.
⚠️ Could It Be a Data Breach?
It’s possible. If SMD’s internal systems have been compromised—whether through phishing, outdated tech, or poor cybersecurity practices—it may have allowed sensitive client information to leak.
A data breach, especially one involving banking details or login credentials, would be a serious violation of the Protection of Personal Information Act (POPIA).
🤔 Or Is There Insider Activity?
Another theory circulating among buyers is that there may be internal involvement—whether through intentional leaks, bribed employees, or poor access control.
To be clear: there is no public evidence proving this. But the patterns are worrying, and the industry deserves answers.
In a digital era where trust is everything, even the perception of corruption or weak internal security can cause real damage.
✅ GoBid’s Model: A Refreshing Alternative
In contrast, GoBid.co.za is being praised for its closed-loop auction system, where all activity—bidding, invoicing, payments, and communication—takes place within a secure user dashboard.
There are no invoice PDFs sent via email, no third-party banking instructions, and no way for an outsider to intercept the process without breaching a secured account.
By reducing the number of human touchpoints and automating its systems, GoBid has minimized the risk of insider fraud or external phishing.
🧭 Final Thoughts: The Industry Needs Transparency
We’re not accusing SMD of wrongdoing. But when this many buyers are being targeted by scams, someone needs to answer the hard questions. Is it time for SMD to audit its internal controls and consider a more secure, end-to-end digital platform?
In the meantime, buyers need to protect themselves by staying vigilant, verifying every invoice, and possibly considering platforms like GoBid.co.za that offer a safer, more transparent buying experience.
Have you experienced a fake invoice or suspicious request?
Share your story anonymously to help protect others. The more we talk, the safer the space becomes.
