DSD WARNS AGAINST UNAUTHENTIC SITES FOR THE APPLICATION OF THE Covid SRD OF R370

26 February 2026

Parliament:- The Department of Social Development and it’s entity the South African Social Security Agency (SASSA) are warning unsuspecting prospective applicants of the Covid 19 Social Relief of Distress (cSRD) of sites and links purporting to be authentic platforms to apply for the cSRD

The correct and authentic application platform for all applications to the Covid-19 Social Relief of Distress is: https://SRD.sassa.gov.za.

The following links: https://srd-sassa.org.za and https://srdsassagov.co.za are fake and are used to collect data from unsuspecting applicants, stealing personal information from applicants of the cSRD of R370.

This was revealed in parliament today when the Portfolio Committee on Social Development received an update into the investigation on alleged weaknesses and fraud in the application and payment system of Social grants.

The Minister of Social Development, Ms Sisisi Tolashe instituted an investigation into vulnerabilities of the applications and systems used by SASSA for the payment of Social grants.

This was after recommendations made by the Portfolio Committee on Social Development to conduct an investigation on these alleged vulnerabilities after claims of fraud in the application system of the Covid-19 Social Relief of Distress (sSRD) were made by two students from the University of Stellenbosch.

Phase 1 of the investigation consisted of a comprehensive audit into the SRD application system administered by SASSA to determine the extent to which the system was exposed to Fraud.

The findings of this audit will serve as input as a basis for Phase 2, which will be an investigation into alleged fraud and weaknesses in the broader social grant system that results in ineligible beneficiaries receiving social grants.

The Final Report on the Vulnerability Assessment (VA) and Penetration Testing (PT) on the SRD online system administered by SASSA made the following findings, amongst others:
■That there are unidentified, malicious websites with .org and .co.za domain names that purport to be the authentic SRD application websites that are used to harvest applicants information for fraud purposes
■That the SRD web application has weaknesses,such as unencrypted communications, that present threats to the security of the platform and the safety of users. These weaknesses are classified as medium risk by the Final Audit Report.
The Final Audit recommends a communication campaign warning beneficiaries and applicants about the unofficial and fake sites that are used to harvest their information for fraudulent purposes.

SASSA has developed an Action Plan to respond to the recommendations of the Final Audit Report. It has short, medium and long term activities.

It has the following activities:

■It has replaced the HTTPS: method with a POST method to protect communications between the applicant and the server that processes their information.
■To implement a Rate Limit to limit the abnormal number of requests made to the SRD application system
■Update outdated software, and
■Implement regular patch updates and introduce biometric
■In the long term, and within 18 months, SASSA will take down the fake websites and other content that violates its brand, copyright or right to information and privacy.

Minister of Social Development, Ms Sisisi Tolashe, assured the committee of her commitment in addressing the vulnerabilities and weaknesses identified in the Covid 19 Social Relief of Distress system.

ISSUED BY THE NATIONAL DEPARTMENT OF SOCIAL DEVELOPMENT