Consistent year-on-year growth of Internet users is resulting in increased digital identities and the sharing of more and more personal information online.
As Internet users become more comfortable and interconnected with the digital tools available to them – tools that offer a convenience too good to be passed up – are the inherent security risks and all forms of possible protection and risk mitigation being considered on a regular basis?
Riaan Badenhorst, GM for Kaspersky in Africa, comments: “Growing digital identities are a natural result of the digitally transforming world we find ourselves navigating. However, getting caught up in the excitement and convenience of all things digital and with that, possessing a trivial attitude towards the privacy of digital identities and accounts – especially those that hold valuable information – could make you an easy target to cybercriminals. And this is something we see and hear about on a consistent basis today.”
News headlines and stories linked to digital fraud and scams leaving people out of pocket is becoming a more regular occurrence. In fact, to put this into context, Kaspersky research shows that South Africa is listed among the countries with the highest percentage of users attacked by Android banking malware. Furthermore, the research notes that worldwide, the number of users that encountered Android banking malware in 2018 more than tripled to reach 1 799 891.
Adds Badenhorst: “Digital fraud, the stealing of data, photos, passwords etc. are just some of the top security concerns that come with owning a digital identity. And while it may seem impossible to not have a digital identity in a digital driven society, protecting it should be a priority. Our research however shows that one in three people don’t know how they can fully protect their privacy online.”
“This is certainly concerning, especially when it comes to online banking and the rise of digital transactions,” adds Bethwel Opil, enterprise sales manager at Kaspersky in Africa. “African consumers truly enjoy the perks of the digital era and tend to shop and pay online or via mobile banking regularly.
“However, whether due to what we call privacy fatigue or a lack of security know-how, we find that many users don’t install adequate security solutions on their devices or take the necessary steps towards protection and risk mitigation – and thus knowingly or unknowingly leaving themselves vulnerable to the ill intent of cybercriminals.”
Even more concerning, from a banking perspective many believe that their bank is the sole bearer of responsibility of the security of their accounts and digital information.
“Bank agreements typically include a passage about the client’s responsibility to keep their financial information secure – particularly when it comes to pin codes, CVC numbers and one-time passwords or pins for example,” adds Opil. “Banks however in many instances usually consider compromise of these the user’s responsibility. This can result in no refunds being granted and leaving the consumer out of pocket.”
In 2018, the number of users attacked with banking Trojans was 889 452, which is an increase of 15,9% in comparison with 2017 figures. This kind of malware steals credentials for e-payment and online banking systems from victims, intercepting one-time passwords, and then sending the data to the attackers behind the Trojan. These types of digital identity attacks are among the most popular for cybercriminals, as they are focused directly on financial gain.
The good news is that the cyber insurance segment of the financial services sector is advancing – and quickly! While cyber insurance products have been available in the local market for a number of years already, as more insurance players look to capitalise, so the market becomes more competitive, which is leading to more sophisticated and affordable products being brought to market – including direct to consumer products.
Cyber insurance can’t protect a consumer from cybercrime. Rather, it is similar to an insurance on a car or house, which is intended to provide financial protection in the event of loss or damage – where cyber insurance covers against Internet-based liability and personal risk.
Continues Badenhorst: “In a growing cyberthreat landscape where the risk of falling victim to some form of cyberattack remains high, investing in cyber insurance policies should also start to filter into the personal consumer space too – supporting the need consumers have for complete transactional liability cover for loss of funds due to online theft, fraud and malware attacks should they occur. Understanding the associated cyber risks and onboarding personal responsibility for it remains key to mitigating the risk, and such additional cover is becoming more prevalent as digital identities grow.”
“Whatever the type of malware – banking trojan, ransomware or spyware – it is bound to cause trouble and consumers need to take an active role in managing the protection of their digital identities, accounts and privacy, he adds. The onus is on everyone to insure themselves against cyberattacks – and with the many options available, achieving this type of protection is viable to enjoy safe digital experiences without the worry.”
Additional steps every Internet user can (and should already) implement to protect digital identities and support data privacy include:
* Do not enter passwords or credit card details on websites that seem suspicious or are unfamiliar.
* Ensure all devices used to connect to the Internet are adequately protected with a security solution.
* Ensure strong passwords are used to access all digital accounts, and do not use the same password for all accounts. Investing in a Password Manager tool can assist in the easy management of all passwords.
* Keep a list of all your digital accounts and privacy settings to ensure your data is not made publicly available.
* Use special digital tools that allow surfing the Internet safely, like Private Browsing or detecting any webcam.