November 14 to 20 is International Fraud Awareness Week. Online fraud is a growing threat that is facing South African businesses and consumers.
The increase in online fraud means that more organisations and individuals are exposed to cybercrime. In response to this, securing your online activity should take priority to protect against such digital scams.
According to Riaan de Villiers, business analyst at LAWtrust: “The global Covid-19 pandemic, which has led to more organisations transitioning to work remotely, has magnified online fraud.”
Following TransUnion’s latest quarterly analysis centred on global online fraud trends, the rate of fraudulent digital transaction attempts against South African businesses increased by 43,62% between March 2019 and March 2021.
“While the use of various online services simplifies consumers’ daily business functions, one must exercise caution to guard against online fraud attempts,” adds de Villiers.
Thus awareness is essential to ensure the protection of data against cybercriminals.
Here are five online scams that South African businesses should be aware of:
Phishing: Phishing attacks attempt to trick Internet users by disclosing confidential or personal information by using deceptive emails. The attacker could then try to use the information fraudulently.
Attack: Email looks like it comes from a legitimate source but is from a cybercriminal.
How to protect yourself: Do not click on links or download attachments from people you do not know.
Business Email Compromise (BEC): This type of online scam entails hacking, spoofing or impersonating a legitimate business email address and sending a seemingly genuine email from a reputable organisation.
How they get you: Attackers pretend to be executives or high-level employees to scam money out of an organisation.
How to protect yourself: Employee awareness training and use digital signing to sign your emails to prove your identity.
Vishing: Short for “voice phishing,” fraudsters lure people to divulge sensitive information over the phone.
How they get you: Attackers request confidential and financial information like your PIN and card details.
How to protect yourself: Awareness Training. Always verify the person’s claimed identity and represent the organisation they claim to work for.
Keystroke loggers: Keystroke loggers refer to a form of surveillance technology used to record and monitor every keystroke (keyboard capturing) made on a specific computer.
How they get you: Keystroke loggers are hidden applications that log all your keystrokes, allowing fraudsters to steal personal information and credentials.
How to protect yourself: Ensure your system is up to date. Install a good anti-malware application. To prevent fraudsters from using stolen credentials, add additional factors of authentication to log into critical systems.
Spoofed websites: Fraudsters create fake websites with the intention of misleading readers. The phoney website attempts to trick readers into divulging sensitive information.
How they get you: The website looks like a legitimate website but is a front for cybercriminals.
How to protect yourself: Check the TLS certificate on the website to see if it is a legitimate website. Find the TLS certificate information by clicking on the lock in the address bar.