Phishing, along with similar cyber attacks attempting to steal personal information from unwitting end-users under false pretences, is on the rise around the world – and South Africa is in the unenviable position of lying in the top 10 countries targeted by phishing fraudsters.

This is according to findings from RSA’s Quarterly Fraud Report for the first quarter of 2018.

Anton Jacobsz, MD of Networks Unlimited Africa, comments: “When we look at cyber attacks attempting to steal personal information from unsuspecting individuals under false pretences either by e-mail (phishing), phone call (vishing) or SMS text (smishing), we find that South Africa is high up on the list of countries being most targeted, according to this latest report from RSA.

“The survey presents a well-researched snapshot of the current cyber fraud environment, and as such, businesses of all sizes and types in South Africa should take note that as a country, we are most certainly on the radar.”

During the first quarter of 2018 (1 January to 31 March, 2018), RSA observed several global fraud trends across attack vectors and digital channels.

The report highlights the following:

* Phishing accounted for 48% of all cyber attacks observed by RSA during this period. Canada, the US, India and Brazil were the countries most targeted by phishing, with South Africa in 10th place. The Netherlands, Colombia, Spain, Mexico and Germany rounded up positions five to nine. The top phishing hosting countries, in order, were the US, Russia, India, Australia, Canada, France, Luxembourg, Germany, China and Italy. These two lists show where fraud actors are establishing and maintaining their priorities.

* Financial Trojan horse malware – stealthy malware installed under false pretences, attempting to steal personal user information, accounted for one out of every four fraud attacks.

* Consumer transactions and fraud continue to grow in the mobile channel. In the first quarter, 55% of transactions originated in the mobile channel and 65% of fraud transactions used a mobile application or browser.

* More than 80% of observed fraudulent e-commerce transactions originated from devices that were “new,” meaning unknown to RSA’s Risk Engine at the time of observation.

“This Q1 RSA report outlines actionable intelligence to consumer-facing organisations of all sizes and types to enable more effective digital risk management,” says Jacobsz.
“For example, the report notes that during this period, RSA detected over 8 000 rogue mobile applications, representing six percent of observed attacks. When you consider that some of these rogue apps will be found in major app stores, disguised as being from legitimate companies, users are reminded that it is critically important to pay attention to the source of the app and what permissions it is requesting.

“Similarly, the high percentage of phishing attacks outlined in the report shows us that it is possible to counteract these by training employees and other users to be more aware, thereby turning them from a potential phishing liability into part of your organisation’s anti-phishing defences,” he adds.