International Fraud Awareness Week (17 to 24 November 2024) is an annual global observance highlighting the scourge of fraud in society and the efforts that various sectors are implementing to address this growing challenge.
“The role technology plays in fraud, and scams is becoming particularly challenging in South Africa,” says Nazia Karrim, head of product development at the Southern African Fraud Prevention Service (SAFPS). “With South Africa growing into an increasingly connected society, online fraud is a significant challenge that needs to be addressed.”
Business Email Compromise (BEC)
The increased nature of technology-based fraud is evident in the recent statistics accompanying it. This is a significant challenge for companies that have individuals who may become victims of fraud and scams.
“BEC is a type of cybercrime in which the scammer uses emails and other tactics to trick someone into sending money or divulging confidential company information. As an impersonation scam, BEC scams are very effective. According to our SAFPS statistics, this type of fraud saw a large jump in 2023,” says Karrim.
Some interesting statistics
In the 2022 version of the Interpol Africa Cyberthreat Assessment Report, Interpol pointed out that South Africa was the third most attacked country in the world and experienced the most cyberattacks on the African continent.
In its 2024 version of the report, Interpol pointed out that the African cyber threat landscape in 2023 remained highly dynamic, with attacks evolving rapidly in sophistication and scale.
To further illustrate the rapid growth of cybercrime, it is estimated that in 2023, the average number of weekly cyberattacks per organisation in Africa increased by 23% year-on-year, making it the highest average globally. Business Email Compromise Scams and Ransomware Attacks were identified as the most significant risks African organisations face.
According to the 2024 edition of the Interpol Africa Cyberthreat Assessment Report, phishing emails were identified as the most common attack vector for business email compromise scams in nearly 80% of African member countries in 2023.
Member countries reported that, in combination with phishing emails, perpetrators are exploiting various media as part of BEC schemes, including text messages, phone calls, and virtual meetings.
Scammers use time to perfect their attacks
A significant threat regarding technology-based scams is the patience displayed by scammers.
“Regarding technology-based scams, the major threat is not always immediate. Scammers are patient and may infiltrate a system (which is the initial threat) and wait up to 200 days silently assessing their victims’ interactions, with the people they are connected to, before launching their major attack. When the time is right, scammers adopt the same tone to carry out their scams. This makes the scam ultra-realistic.”
Karrim adds that these scams impact our entire economic ecosystem, from consumers to companies and their suppliers, staff members, and sometimes even Government Authorities.
“Our message during International Fraud Awareness Week is for companies to audit their cyber security policies, programmes, and protocols and make sure they are implemented across the organisation. It is also important for companies to have a strict cyber policy regarding remote workers and educate them on the importance of improving personal cyber security awareness.
“Home networks will not have the same level of cyber security as businesses, and employees may unknowingly compromise them at home and bring the threat into work. Remote workers need to be aware of this,” says Karrim.
Be especially cautious during Black Friday
From a consumer point of view, it’s important to exercise caution and vigilance, particularly towards the end of the year with the traditional festive shopping season. This kicks off with Black Friday on 29 November, which is itself a major platform for scammers.
Manie van Schalkwyk, CEO of SAFPS, points out that while we all want to spoil our loved ones and get great deals, consumers must know that scammers are highly active at this time of the year.
“BankservAfrica’s online card authentication service, 3D-Secure, recorded 1,4-million Black Friday transactions totalling R1,39-billion during Black Friday 2023. This increased by 11% from the 1,2-million transactions in 2022 and was a 29% improvement from the R1-billion spent during that event. So, there is interest in these sales despite the tough economic conditions. We have seen a continuous increase in scams over Black Friday, which is concerning,” says Van Schalkwyk.
Some of the typical Black Friday scams involve inflated prices on “Black Friday Specials”, advertising well-known products, and directing consumers to spoofed websites that look like online payment portals.
“Again, technology plays a significant role in the majority of these scams,” warns Van Schalkwyk. “Consumers are gravitating to social media marketplaces as alternatives to conventional stores as they offer better deals. However, these platforms are being used to market products that don’t exist or to used (second-hand) products that are being marketed as new.”
Protect yourself against banking scams
Banking scams are also prevalent at this time of year. Van Schalkwyk points out that there are ways for consumers to ensure that they do not become victims.
If you did not initiate a request or discussion with the person or organisation directly, and you are not expecting any communication from them, take precautions and protect yourself from falling victim to a scam by:
- Verifying the communication and making direct contact with the person or organisation using contact details found on your official statements or on the organisation’s official website;
- always using their official website, secure portal, or mobile application; and
- Not responding to the message or calling the numbers provided within the message.
It is vital to note that if you receive a call or message from an institution employee informing you that they need confirmation of transactional or personal information, or they need you to complete a verification process (using a one-time pin/ OTP or input your username and password), do not respond to the message. Close the message or hang up the call politely without providing any information.
Scams prevention toolbox
Karrim points out that the SAFPS launched Yima in response to the growing need for a proactive approach to fraud prevention.
“The Yima website hosts a scams prevention toolbox for South Africans to report scams and scan any website for vulnerabilities related to scams. Consumers can expand their knowledge on the ways to identify a scam. These tools will enable consumers to confidently surf the internet and access key products such as online banking and money transfers. These are just some exciting elements South Africans can access through the site,” says Karrim.
The website’s main element is the ability to report a scam incident or any suspicious activity to the SAFPS using the Yima website. Suspicious activity can be reported, including a fake or suspect-looking online shopping website or portal and instances where the user has received phoney banking information. Intelligence gathered from these reports will be collated and shared with law enforcement for investigations. Users can also access a scam hotline (083 123 7226) to report a fraud incident directly to their banks, retailers, insurance companies and the South African Police Service via a single number. These features are live, and all parties have access to it.
“Additionally, Yima users will have access to the consumer products and services offered by the SAFPS at no cost. Protective Registration and Fraud Victim Registration are two important products that protect victims of impersonation scams. Combined with Yima, the SAFPS has created a bouquet of products that takes the fight to fraudsters and scammers. As the custodians of fraud prevention in Southern Africa, we are making a difference to the threat landscape,” says Van Schalkwyk.