To show the surge in cybercrime, the Southern African Fraud Prevention Services reported a staggering 356% increase in impersonation fraud between April 2022 and April 2023.
South Africa is rapidly emerging as the cybercrime capital of Africa as the country is poised to surpass Nigeria and its ‘Nigerian Price’ in cybercrimes.
This is according to recent data from TCG Forensics – a private forensic company specialising in digital forensics
Jackie Smith – head of Buyers Trust, a subsidiary of Ooba Group, – said that thousands of South Africans continue to fall prey to cybercrimes despite substantial investments from both the private and public sector in boosting cyber security and the passing of the Cybercrimes Act in 2021.
Smith said that to show the surge in cybercrime, the Southern African Fraud Prevention Services reported a staggering 356% increase in impersonation fraud between April 2022 and April 2023.
She said several factors contributed to South Africa’s vulnerability to cybercrime.
The first being the last two decades’ economic expansion and evolving digital landscape, which makes it an attractive target for criminals seeking quick financial gains.
READ: SA among top five countries affected by cybercrime
“Cybercrimes can be committed by anyone with access to a cellphone and an internet connection, making these crimes incredibly easy to perpetrate. And, with only an estimated 10% of cybercrimes reported to the police, criminals feel that they can operate without consequence,” she added.
Another reason cybercrime has escalated to such a degree, said Smith, is that there were only a few police officers equipped with the specialised skills needed to address cybercrimes.
“Consequently, the prosecution and policing of cybercrimes become exceedingly difficult, allowing sophisticated organised crime syndicates to operate with relative ease in the country.”
READ: Criminal syndicates can hack your phone and banking app in minutes
Smith said that the property industry had become an attractive target for cybercriminals due to the vast amount of valuable personal data involved and the financial transactions that take place daily.
She said that as a company that was developed in part to give the highest level of security to the deposit component of real estate transactions, they had first-hand insight into how vulnerable the industry was to cyber threats.
READ: Last year’s cybercrime and data breaches cannot be a regular occurrence, experts say
Smith said the property industry should prioritise and be wary of two cybercrimes, which were data breaches and deposit phishing schemes.
She said that property companies handled large volumes of personal and financial data related to buyers, sellers, tenants, and landlords – including addresses and debit and credit card details. Smith added:
Cybercriminals may attempt to hack into online databases and gain unauthorised access to this data to commit identity theft, financial fraud, or sell the information on the dark web.
With regards to deposit phishing schemes, she said, fraudsters would intercept emails between a buyer and seller to pose as a legitimate real estate agent or conveyancing attorney to divert the buyer’s deposit into their own bank account.
READ: MEC can’t explain spouses’ R60m tenders
“Unfortunately, it can be very difficult to tell the difference between a legitimate email communication and one sent by a fraudster. This is because cybercriminals are becoming increasingly sophisticated, hacking into the attorney or real estate agent’s firm to study the language used, company letterhead and transaction types. This allows them to craft phishing emails that appear totally legitimate, while the unsuspecting buyer is cheated out of their hard-earned deposit,” Smith said.
The best way to minimise the risk of falling victim to a phishing scheme is by entrusting your deposit to a highly secure and transparent third-party alternative, which also offers a bank guarantee, she added.
How to protect yourself from email phishing scams:
· Be cautious with email links and attachments: Avoid clicking on suspicious links or opening attachments from unknown or untrusted sources.
· Double-check email senders: Scrutinise the email sender’s address carefully and be wary of emails that have slight variations or misspellings in the sender’s name or domain.
· Verify website authenticity: Before entering any personal or sensitive information on a website, ensure it is secure. Look for “https:// in the URL and a padlock icon in the browser’s address bar.
· Don’t share sensitive information: “Avoid sharing details like passwords, identity numbers, or account numbers over email or unfamiliar websites.”
· Take the ‘human element’ out of the equation.