While we are still grappling with the sheer impact of the pandemic on life as we know it, South Africans now also have to deal with the sudden surge of cybercrime. Shortly after the first case of the Corona-virus was reported on 5 March 2020, we have noticed a sharp increase in different cybercrimes such as carding, trick bots malware, romance scams, the infamous sextortion scams and Business Email Compromise (BEC) or account take over as its popularly known.
Business Email Compromise (BEC) is a form of cybercrime where the perpetrator either illegally gains access to your email or registers a domain similar to yours and communicates with your clients and/or your suppliers as if they are you. Very often they present a case of urgency where they urge unassuming recipients to make payments into “new” banking details or make deliveries of stock to new addresses. The escalation of BEC does not come as a surprise since SABRIC recently announced that South Africa has a high number of cybercrime victims compared to similar third world countries. In 2019 alone the global business community lost over $3.6 billion to BEC while South Africans lost nearly R2.2 billion. Although we will only have a sense of the impact retrospectively, we anticipate that this figure will triple during the current corona pandemic.
However, cybercriminals do not only target big business or SMME’s, but they also target regular individuals that are duped into online romances. Various psychologists have suggested that the imposed isolation of the lockdown is leading to severer loneliness. This has created a lucrative opportunity for cybercriminals to exploit this weakness by luring desperate individuals into false romances. During the courting phase of this romantic expedition, the perpetrator will collect personal information about the victim. When the time is right, the suspect will present a case of urgency requesting for the victim to deposit cash, either once of or over an extended period.
What is clear is that cybercriminals are exploiting the genuine hunger for news and information around the COVID-19 and are tricking consumers into clicking on links that install tracking software on their electronic devices, or links that redirect them to fake websites which require banking information, user names and passwords or donations.
In a recent blog post, Google announced that it continued to block 240 million phishing and malware emails daily, also, 18 million malicious coronavirus-themed emails sent to Gmail users were noted and blocked. While there are many other reported cybercrimes, consumers need to remember the following:
- If you are working from home, make sure you have the latest anti-virus software.
- When you receive any unsolicited email or SMS do not click any links or open any attachments unless you can verify the sender.
- Emails that seem too good to be true are probably linked to cybercriminal syndicates. If you are in doubt throw it out!
- Communicate with clients or suppliers the process that you will follow should you wish to change your banking details or delivery address, this will prevent any potential cyberattacks.
- If you are lonely rather reach out to friends or family through a video call if this is not an option never give any personal information or make payments to persons you have never met.
- Use separate emails for work and personal use, it also important that you also register another email address to use only when registering on websites. Don’t forget to use different passwords for each email. This will ensure that when the integrity of either email is compromised, the impact does not overflow to other email addresses.
Lerato Mpobane is the Group Chief Executive of Bokang Africa Group, a boutique group of firms, each is anchored in magnifying the facets of fraud, corruption and other serious or violent crimes. A well-respected security researcher, she specialises in developing policies and systems to combat cybercrime, she also helps businesses understand their security posture by identifying weaknesses and vulnerabilities. Lerato also serves as the Gauteng Regional Treasurer for The Association of Private Security Owners of South Africa (TAPSOSA).