Warning over cybercrime surge in South Africa this holiday season
As 2024 draws to a close, businesses face the dual pressures of year-end fatigue and the festive season rush, creating a prime opportunity for cybercriminals to pounce.
Mukondeleli Masiza, Complex Claims Handler for Liability, Financial Lines and Cyber at Allianz Commercial South Africa said that the increased workloads and fast-approaching deadlines make companies particularly vulnerable to attacks; especially through Business Email Compromise (BEC) schemes.
“With employees often stretched thin and distracted, the risk of falling victim to such scams is significantly heightened, necessitating increased vigilance and proactive measures to safeguard against potential losses,” said Masiza.
According to research from Allianz, the frequency and value of large cyber insurance claims were up 14% and 17% year-on-year in the first half of 2024, with data and privacy breach-related elements present in two-thirds of these losses.
South Africa ranks 14th globally in the average cost of a data breach, reaching $2.78 million (~R50 million) in 2024, according to Allianz.
With year-end fast approaching, Masiza warns of a proliferation of Business Email Compromise (BEC).
BEC)is a sophisticated cybercrime that targets organisations by infiltrating email systems to carry out unauthorised transactions.
A common tactic is altering banking details on legitimate invoices.
For example, a retail company might receive an email from a trusted supplier, XYZ Manufacturing, claiming updated banking information due to a ‘system upgrade.’
If the finance team fails to verify the change, they may transfer funds to the fraudulent account, only realising the scam when the real supplier inquires about the overdue payment.”
“The South African business landscape, with its diverse array of industries and extensive digital communication networks, is particularly susceptible to these attacks,” said Masiza.
She said that as the year comes to a close, employees frequently find themselves burdened by the demands of finalising tasks, reconciling finances, and preparing for the holidays.
This heightened pressure, along with the distractions that come with the festive season, provides a perfect opportunity for cybercriminals to pounce.
How to combat this
To combat the rising threat of BEC, Masiza said that businesses must prioritise cybersecurity awareness and vigilance.
“This involves educating employees about the tactics used by cybercriminals and encouraging a culture of scepticism towards unexpected email requests, especially those involving financial transactions,” said the Allianz expert.
Regular training sessions and phishing simulations can help reinforce these practices, ensuring that employees remain alert and informed.
Moreover, she said that implementing robust email security protocols is crucial.
This includes implementing advanced email filters to block malicious content before it reaches inboxes and enabling multi-factor authentication for email accounts, which adds an extra layer of security, making it harder for unauthorised users to gain access.
On top of this, the Allianz expert said that businesses can adopt several other measures to protect themselves from BEC attacks, which include:
- Verification Processes
Implement strict transaction verification, such as requiring multiple approvals or confirming requests through alternate channels, like a follow-up phone call.
- Access Controls
Restrict access to sensitive information and financial systems to only those who need it, reducing the impact of a compromised account.
- Incident Response Plan
Create a detailed incident response plan to ensure a quick and coordinated reaction to BEC attacks, minimising potential damage.
Going forward
“Despite best efforts, no security measure is infallible,” said Masiza.
She said that businesses should consider investing in insurance policies that cover cybercrime-related losses to provide a financial safety net, helping businesses recover from the impact of an attack and maintain operational continuity.
By promoting vigilance, implementing strong security measures, and using insurance solutions, the Allianz expert said that organisations can better safeguard against this rising cyber threat.
“In doing so, they not only safeguard their financial assets but also reinforce their resilience in an increasingly digital world,” said Masiza.
Read: Kissing cash goodbye in South Africa – there’s a big problem