Protect yourself: Key strategies against cybercrime in South Africa



In this digital age, cybercriminals are constantly evolving their methods, from fake traffic fines and urgent tax refund notifications to redirecting payments.

Their increasing resourcefulness leaves everyone vulnerable. Therefore, comprehensive education on prevention is crucial to avoid falling victim to these schemes.

Mike Bolhuis, a specialist investigator in serious, violent, and economic cybercrimes, stated that currently, the South African Police Service (SAPS) and other authorities lack the necessary infrastructure to effectively deal with cybercrime in South Africa.

He said that despite having the necessary infrastructure, they are continuously overwhelmed by the sheer volume of cybercrimes, including managing various threats and scams around the clock.

Bolhuis stated that cybercrime has escalated globally over the last five years, now accounting for approximately 80% of all crimes due to its effectiveness. “It is so successful… and when crimes are committed and not dealt with severely, it escalates.”

All that is required to commit these crimes is a basic understanding of cellphones and computers, along with research into information regarding these crimes, he said. This knowledge enables individuals to identify and exploit those who are less informed.

Bolhuis stated that faking is easy: convincing copies of genuine items, including banking documents, can be easily created and are difficult to distinguish from the originals.

“It’s a bit of photoshopping, electronic, and digital expertise, and there is always someone these criminals can get to either teach them or assist them with it. Especially now with AI being so prevalent,” he said.

Bolhuis noted that even popular nationwide stores, doctors, lawyers, and even police names and details are being used to “knock and scam”.

Over the past few years, criminals, fraudsters, and scammers have caused the loss of billions due to cybercrime, he said.

According to Bolhuis, cybercriminals make use of inside information, crooked cops, and people in cellphone companies and the banks.

“The highflyers in cybercrime always have contacts in all the serious financial institutions and authority institutions; otherwise, they have difficulty in committing these crimes,” he said.

The public remains largely unprepared due to a lack of literacy, information, training, and awareness, he said. The prevailing mindset is that new or unfamiliar digital communications are not necessarily fraudulent or malicious.

“It’s a big problem; the public’s mindset should change to being critical, careful, and to go through checks and balances, including identification evaluation, risk analysis, platform profile, track and trace financial investigation,” he said.

Bolhuis cautioned that individuals will continue to fall victim to scams and financial losses without informed decisions rooted in thorough investigations concerning monetary matters.

He noted that the fact that people do not understand and know their phones like the palm of their hands is the second biggest problem because they are not aware of the possibilities and dangers of digital and electronic communication.

“They need to know what they can do with it, what they should do, and what not to do.”

He urged the public and companies to get informed and “study crime like you are getting a degree”.

“Having the knowledge can determine how long you stay alive, how much money you will have, and how much you will lose… You need to know when to buy and sell and how to go about buying and selling,” said Bolhuis.

Bolhuis added that the profound impact of theft extends beyond mere financial loss, affecting an individual’s emotional, spiritual, and material well-being.

In a statement on Thursday, Kaspersky said it had blocked nearly 900 million phishing attempts globally in 2024 alone.

With South Africa’s tax season now open, Kaspersky warned citizens and businesses to remain vigilant against a rise in phishing scams that mimic SARS-related communications.

Auto-assessments have started rolling out, and cybercriminals are already exploiting this window to trick taxpayers into disclosing personal or financial information.

According to Kaspersky, fraudulent emails or messages designed to steal sensitive data are becoming harder to detect.

An example of a phishing letter aimed at stealing credentials.

Kaspersky has already identified various scams, many of which appear as urgent tax refund notifications or eFiling alerts, complete with official logos, realistic language, and links to fake SARS portals.

“Additionally, now AI helps attackers write better emails, empowers them to automate scam websites, while in the short term, this can go as far as personalising messages and mimicking SARS voice prompts during call scams.

“These attacks are no longer riddled with grammar mistakes. They are professional, timely, and dangerous,” warned Chris Norton, general manager for Sub-Saharan Africa at Kaspersky.

An example of a phishing page regarding a ‘false’ tax refund due. Scammers push a sense of urgency in the hopes of tricking users into clicking the link.

Bolhuis highlighted a massive increase in scams involving fake proof of payment (POP), noting that these crimes are particularly prevalent due to their ease of execution.

He said if you suddenly receive an email or even a call about a change in banking details, verify with the company owner, business, bookkeeper, and bank.

Failing to investigate and making hasty decisions significantly increases your risk of being scammed, he said.

This week, the Road Traffic Management Corporation (RTMC) warned members of the public to be on high alert following reports of a phishing scam in which fraudsters impersonate the RTMC’s official National Traffic Information System (NaTIS) site to deceive individuals into paying fake outstanding traffic fines and, in some cases, to gain access to their bank accounts and make fraudulent deductions.

Victims receive an email falsely claiming a R210 traffic fine, doubled to R420 due to ‘late payment’. The message warns of an increase to R645 if not paid within 24 hours, deceitfully offering an interest refund if paid within 12 hours.

The RTMC said these tactics are intentionally designed to pressure recipients into making urgent payments and sharing sensitive information, ultimately compromising their banking details.

In another recent example, the Supreme Court of Appeal (SCA) determined that the onus is on the buyer to ensure that the banking details are correct when making a payment.

In the matter, a dealership had purchased two vehicles from another dealership, and banking details were communicated via email.

During the communication process, an email was intercepted by cybercriminals, and payment of R290,000 was sent to the fraudulent account.

The buyer fell victim to a Business Email Compromise (BEC) scam. The SCA found that payment via electronic transfer is only complete when the funds are received by the correct account holder.

Kaspersky revealed this week that BEC attacks have become very common and that this cyber threat has been increasingly observed all over the world.

“Just like phishing and ransomware, this threat should be carefully considered by South African businesses,” said a senior security researcher at Kaspersky, Maher Yamout.

Yamout said BEC attacks aim to get into business correspondence to commit financial fraud, extract confidential information, or harm a company’s reputation.

He explained that the attacker relies on the victim not being too attentive and uses a domain or sender name in the ‘From’ field extremely similar to one the victim would be familiar with.

BEC attempts, though using phishing-style tricks, are more sophisticated, blending tech expertise with social engineering, he noted.

“Moreover, the techniques used are one-of-a-kind: the messages contain no malicious links or attachments, but the attackers try to trick the mail client, and thus the recipient, into considering the email legitimate,” said Yamout.

According to Yamout, a careful harvesting of data about the victim typically precedes an attack; the perpetrator later uses it to gain their trust.

“The correspondence may consist of as few as two or three messages, or it can last for months,” he said.

Cybercriminals might first steal the credentials of an ordinary worker using spear phishing and then launch an attack against a higher-ranking employee of the company, stated Yamout.

He said cybercriminals are forever inventing new BEC-attack scenarios; some common examples include a fake outside party, instructions from the boss, a message from a lawyer, and email hijack.

Yamout advised that implementing a range of effective measures can minimise the threat from BEC attacks.

“In this regard, we recommend training employees periodically to counter social engineering. A combination of workshops and simulations, such as in the Kaspersky Automated Security Awareness Platform, trains employees to be vigilant and identify BEC attacks,” he said.

Encourage employees to carefully check each email asking for payment or any sort of personal or corporate data, he stated.

“Explain to them not to publish confidential corporate data on systems with open access, for example, cloud services. They also should not share too many details about their work in social networks and other platforms where it’s publicly available,” he advised.

In addition, Yamout said security tools with a solid set of anti-phishing, anti-spam, and malware detection technologies should be used to protect corporate communication channels.

Yamout noted that new cyberattack tactics, such as deep fakes, emerge as technology develops, with attackers using fake videos of colleagues, not just emails or texts, to convince employees to transfer money.

“We estimate that deep fakes will likely increase the success rate of social engineering and BEC attacks in the future. Voice cloning and generating deep fakes are more accessible than ever, and we started seeing an increasing trend in their use.” 

Yamout recommended that for any social engineering attack, including deep fakes, the user must always validate the other party’s claims with them using a different channel.

karen.singh@inl.co.za


