Email is cybercriminals' first and favourite means of attack. Spoofing and phishing attacks generate $26-billion for them yearly, a large portion of the cybercrime industry.

This is because 80% of organisations are still vulnerable to these sorts of attacks, and many fall for messages that look innocent.

Business email compromise (BEC) is an everyday reality and South Africa now has the third-highest number of cybercrime victims in the world, costing about R2,2-billion annually.

Two players in the cybersecurity world announced a partnership in July to tackle email crime and are starting out with an essential education list of terms and tactics to watch out for. Sacha Matulovich, co-founder and chief strategy officer at Sendmarc, explains: “Criminals get away with email crime due to the trusting nature of victims, savvy social engineering that creates the assumption that the emails they are receiving are authentic. This is because of a lack of awareness regarding phishing and spoofing scams. We intend to change that through education and protecting company domains.”

The company outlines four email impersonation attacks:

* Typosquatting: More often than not, when an email is received, users do a quick scan to see who it is from. If the sender's name and/or the company domain name are recognised, the email is often assumed to be legitimate and taken at face value, but sometimes just one letter is different and is easily missed. This is a form of phishing.

* Display Name Spoofing: Forging an email is relatively quick and doesn’t require any coding skills. However, fake emails that hijack the names of employees and also mimic the formatting and unique language characteristics of the sender or company require more skill. Unfortunately, there are many websites that advertise how to forge a sender display name, and it takes just a few steps for anyone to create and send a fake email and take on the identity of the real person.

* Whaling: This is display name spoofing aimed specifically at people of high interest in an organisation, such as a CEO or CFO, whom the attacker impersonates. This makes the trick more likely to work and has been seen to work in the case of the University of Mpumalanga.

* Phishing: A type of social engineering attack in which an attacker poses as a legitimate source of questions or requests in order to steal sensitive information.
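
The typosquatting and display name spoofing checks described in the list above can be automated on the receiving side. The following Python sketch is an added example, not Sendmarc's code; the trusted domain, the staff directory and the sample senders are constructed assumptions.

```python
from email.utils import parseaddr

# Constructed sample data (assumptions): the organisation's domain and staff list.
TRUSTED_DOMAINS = {"example.com"}
STAFF = {"thandi nkosi": "thandi.nkosi@example.com"}


def edit_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: insert, delete, substitute, transpose."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = int(a[i - 1] != b[j - 1])
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            # Swapped neighbouring letters ("exmaple") count as a single edit.
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]


def classify_sender(from_header: str) -> str:
    """Return 'ok', 'typosquat', 'display-name-spoof' or 'external'."""
    name, addr = parseaddr(from_header)
    name = " ".join(name.lower().split())  # normalise case and spacing
    addr = addr.lower()
    domain = addr.rpartition("@")[2]
    if domain in TRUSTED_DOMAINS:
        return "ok"
    # Typosquatting: the domain is one or two edits away from a trusted one.
    if any(0 < edit_distance(domain, t) <= 2 for t in TRUSTED_DOMAINS):
        return "typosquat"
    # Display name spoofing: a staff member's name on an unrelated address.
    if name in STAFF and addr != STAFF[name]:
        return "display-name-spoof"
    return "external"
```

An `ok` result only means the visible From domain matches; a message that forges the exact domain passes this check and has to be caught by sender authentication such as DMARC.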

Sendmarc employs DMARC protection, a technology protocol that verifies the source of an email and ensures that only real emails ever reach an inbox, meaning that organisations are able to verify whether the emails they receive are legitimate and unaltered.

South African businesses, big and small, have experienced huge losses of up to R100 000 000, and others have come dangerously close. The University of Mpumalanga nearly lost R100 000 000 to fraudsters; had FNB not flagged a suspicious payment, it would have been too late by the time the fraud was noticed. A small travel agency had its domain impersonated by someone else, which resulted in a school paying sporting tour funds to the wrong account. Consequently, their U16A hockey team never went on tour.