With more than 184-million people across Africa having embraced mobile money according to a GSMA report, and with Discovery Bank and Visa research showing an increasing popularity of contactless payments and digital wallets in South Africa, these solutions have become essential to help drive financial inclusion.
In fact, SOLmate, a leading digital wallet provider in South Africa, has seen strong demand for its digital wallet offering locally, where it has enabled over 2-million transactions since inception, with 1-million of those in the last six months alone.
However, such money flows attract cybercriminals. According to Kaspersky’s statistics the number of mobile banking malware attacks globally grew by 32% in 2023. Kaspersky and SOLmate experts give advice on security aspects that should be kept in mind to have safe experiences while making digital transactions.
Financial phishing
Finance-related phishing remains a significant threat. Based on Kaspersky research, in 2023 it accounted for 27% of all phishing attacks on corporate users and 30% on home users globally.
Phishing attacks typically begin with cybercriminals crafting fraudulent emails or text messages designed to lure recipients into taking action.
These emails often mimic legitimate communications and contain links to fraudulent websites or malicious attachments designed to harvest credentials, install malware, or initiate unauthorised transactions. It’s advised to double check information and go to the official web pages or applications before sharing account details or making digital payments.
Banking trojans
Cybercrooks disguise Banking trojans as legitimate applications and lure people into installing them, for example by sending phishing text messages containing malicious URLs or links to malicious apps on third-party app stores. So, it’s safer to download apps only from official stores such as Google Play Store, Apple App Store, and so forth.
Once the banking app is launched, the Trojan displays its own interface overlaying the banking app’s interface. As a user inputs credentials, the malware steals the information. There is one critical stage in the process of stealing money – hijacking SMS with one-time passwords sent by the bank’s system as part of two-factor authentication.
That’s why users need to be cautious with all apps that request permission to access SMS. It is also recommended to use full-coverage security software such as Kaspersky Premium to protect devices from malware, phishing and other cyberthreats.
Unsecure connection
If proper security is not in place, hackers can access the payment information while it is being transmitted. While most digital wallets use encryption to mitigate against this threat, consumers should not use unsecure public Wi-Fi to log into their online bank accounts but rather use 4G connection, and a VPN.
Device theft or loss
If a phone, tablet or computer is stolen, criminals can potentially access sensitive financial information. It is therefore essential for a person to lock their devices and also financial apps with unique passwords.
Even with these measures in place, it is advised to enable notifications at your bank and carefully monitor banking card and account activity. Hackers might not necessarily steal a significant amount of money or attempt to purchase a high-value item. Instead, it could be a small transaction that might go unnoticed now and then which can result in the most damage over a long period. Alert your bank as soon as you spot suspicious activity.
“Digital payments are a reality in South Africa that will develop further as the benefits of contactless transactions are huge,” says Brandon Muller, technical expert for the MEA region at Kaspersky.
“Ensuring online purchases, mobile money and other digital transactions are made safely comes to basic cybersecurity safety practices: having a cybersecurity solution installed on all types of devices where money transfers are made, regular scanning of devices, installing software updates for the operating system and applications upon their availability, and checking applications permission for such crucial functions as SMS access.
“Adhering to general security best practices is essential to minimise such risks as inadvertently clicking on a malicious link that may redirect you to a counterfeit version of a well-known website or application.”
Jonathan Holden, chief operating officer of SOLmate, says: “The demand for digital wallets is certainly on the rise. The trend aligns with the broader shift toward a cashless economy. Over the past year we have continued to witness a surge in demand for our app and believe that this is fuelled by the convenience of mobile wallets, contactless cards, and peer-to-peer platforms.
“There is no denying the realities of cybercrime and its impact on digital innovation. Secure and safe digital wallet transaction is a priority within our business model, and we encourage our customers to follow recommended cybersecurity best practices to improve their digital safety and security, from small tips and tricks to utilising reliable device security software.”