While phishing attacks involving South African banks declined by a massive 47% in the first six months of this year, the start of the 2013 tax filing season in July heralded a significant reversal in the downward trend.
According to Yossi Hasson, MD of Johannesburg-based software as a service (SaaS) e-mail specialist, Synaq, phishing attacks involving SARS (South African Revenue Services) boosted the total number of phishing attacks by 14% in July, despite the fact that attacks involving banks continued to decline.
“Using our Secure-mail technology, Synaq constantly monitors phishing activity directed at our clients. While there was virtually no activity involving SARS earlier in the year, we detected a sudden spike in SARS activity in June. This coincided with growing awareness that tax season was almost upon us,” Hasson says.
“In July, this activity accelerated. In fact, SARS was by far the most frequent phishing bait used by fraudsters in June and July. This far outstripped activity involving any of the major banks, including ABSA which, as the largest retail bank in the country, is usually the target for most attacks.”
The SARS phishing e-mails have ranged from informing lucky tax payers that they have received a rebate; to threatening recipients with dire consequences if they don’t respond to “SARS” request for their banking details.
Hasson explains that the term phishing is a variation on “fishing,” the idea being that bait is thrown out as widely as possible in the hope that while most will ignore it, some will be tempted into biting. To get the best results, scammers will pay most attention to areas where they believe they have the highest chance of success.
“For the most part, this is more reliant on the number of potential victims – hence the upsurge in SARS-related attacks – than the institutions themselves,” he adds.
Synaq’s monitoring also shows that scammers often test the waters and will switch targets and methods periodically to get the best results. In June, for example, there was a massive upsurge in activity relating to Standard Bank. This declined somewhat in July, but attacks remained well above the Bank’s average for the year.
“In the next few months, we could well see scammers giving Standard Bank a break and focusing more on another bank. However, we anticipate high levels of activity around SARS continuing for the duration of the current tax filing season,” Hasson says.
E-mail phishing occurs when fraudsters use official-looking e-mails to lure individuals to a spoof Web site in order to obtain their banking or credit card information for use in identity theft.