Research conducted by consumer credit reporting agency TransUnion reveals increasing digital fraud activity in South Africa, linked to the Covid-19 pandemic.
Meanwhile, Kaspersky data shows that more than two-thirds of local respondents say that either they or their loved ones have suffered from criminals via social networks since the outbreak of the virus.
Around two in five consumers (41%) reported that they are personally aware of a Covid-19-related digital fraud attempt targeting them in the last three months, with 7% having fallen victim, TransUnion said.
The top Covid-19 related digital scam was fake insurance, followed by unemployment and third-party seller scams.
Among those who said they were hit by Covid-19-related digital fraud in the last three months, 27% said they were targeted with an insurance scam, up 11 percentage points from Q1 2021.
A survey conducted by global cybersecurity company, Kaspersky reveals that 68% of South African respondents say that either they or their loved ones have suffered from criminals via social networks since the outbreak of Covid-19.
In most cases fraudsters pretended to be familiar with potential victims: the manipulation scheme presented a request for help from a friend (59%).
“Social media are highly integrated into our daily life and scammers just cannot miss the opportunity to reach users directly through all the popular platforms. The fraudsters may find your personal data in your social media account and use it, for example with social engineering methods.
“In this case, we shouldn’t forget about basic security rules. For example, it’s better to hide private data and double-check your interlocutor if he urgently asks to transfer money or open a suspicious link,” said Maher Yamout, a senior security researcher at Kaspersky.
People also try to stay safe from scammers through special apps and programs. According to the survey, around half of local respondents use special security solutions (antivirus) to protect themselves against online scams, 45% installed Caller ID and 31% apply built-in phone functions (blacklist, etc.) against phone fraud.
With digital transformation a top priority on the corporate agenda as companies identify new ways to grow their business, cyber attackers and opportunist cybercriminals remain very active, said Kaspersky.
And although Africa is not necessarily considered a focus area for the more sophisticated types of cybercriminal activity such as targeted attacks or advanced persistent threats (APTs), the continent is certainly not immune to these or other types of cyber risks, warn Kaspersky researchers.
When looking at the general cyber threat landscape as it impacts consumers and businesses, Kaspersky research shows that globally in 2020, approximately 10% of computers experienced at least one malware attack. In South Africa, the figure is only slightly under the global 10% average.
In South Africa, Kenya and Nigeria, Kaspersky’s research has identified the top malware families as ransomware, financial/banking trojans, and crypto-miner malware. When comparing Q1 2021 with Q2 2021, Kaspersky saw a 24% increase in ransomware in Q2 2021 in South Africa, as well as an increase of 14% in crypto-miner malware.
While on a technical level, not much has changed when it comes to cyberattacks, what is different is that the pandemic presents a persistent topic in which the world has a vested interest.
So, unlike the Olympics which is limited in terms of a timeline, the pandemic offers a wealth of opportunities for cybercriminals to use malware to attack. Everything from the daily numbers and lockdown restrictions to vaccinations, hackers are leveraging on every aspect of the current situation to compromise systems, said Kaspersky.
“While the bulk of attacks are still speculative and randomly targeting individuals and businesses, there is a shift happening with the increase of APTs and more strategically targeted based attacks. These use continuous, clandestine, and sophisticated hacking techniques to gain access to a system and remain inside for a prolonged period, with potentially destructive consequences,” it said.
Attackers are now focusing on specific companies and individuals where they can get the maximum benefit. The new approach of ransomware is to expose data, negatively impacting the reputation of a company. To this effect, financial crime has become more sophisticated and organised.
The financial services sector remains a top targeted industry in Africa when it comes to cybercriminal activity and such cyber threats – not surprising when one considers the digital-first approach this sector continues to take, driven by the needs and expectations of its customers.
“It is relatively easy for a hacker to target an individual and capture passcodes, one-time passwords, and install malware on their computers to get financial information. Increasingly, this is expanding to financial institutions given the sheer number of new entrants in the market emerging,” Kaspersky said.
For hackers, online or cyber fraud offers direct monetisation of an attack and gives them access to money as quickly as possible.
Financial-based malware and cyberattacks are also becoming more targeted, complicated, and difficult to prevent, and with digital transformation progressing at a rapid rate within such a sector, there is no shortage of attack surfaces for cybercriminals to exploit, Kaspersky said.
Kaspersky reminds you about the basic security rules:
- Do not click on suspicious links in emails and messages in chats.
- If you have found out about a particular promotion and want to participate, check the official website or official social media accounts to reassure that this company or brand is holding it.
- Install a reliable security solution with up-to-date databases of phishing sites, scams and spam.
- Never share confidential information with third parties, including a one-time code from an SMS or push notification.
- Install a solution that detects phone numbers of spammers and fraudsters.
- If an offer on the Internet sounds too tempting to be true, then most likely it is fake.