Covid-19 has driven rapid change to our daily routines as more and more people have been forced to work remotely. Our homes have become digital fortresses, simultaneously functioning as offices, schools and shopping malls.
Unfortunately it seems that the spike in recent cybercrime statistics was likely exacerbated by the onset of the global pandemic, with South Africa appearing to be a cyberattack hotspot.
According to leading global professional services company, Accenture, South Africa had the third highest number of cybercrime victims globally during 2020, with cyberattack losses totaling R2,2 billion. The country suffered 577 malware attacks every hour, with fraud via mobile banking apps doubling within just one year.
Accenture states that South Africa might be a testing ground for malware due to less robust cybersecurity systems in place. Malware is short for malicious software which includes virusware, ransomware and spyware.
Nowadays hardly a day goes by without hearing about someone’s hard-earned savings disappearing from their bank accounts, or credit cards that are being used under peculiar circumstances, leaving the victims with wiped-out balances, and in a state of panic.
And each day these stories seem to move closer to home.
Simon Colman of SHA Risk Specialists says this is indeed the case. “Cybercrime is no longer something that affects an exclusive few, or large corporates in high rise buildings,” he says. “The unfortunate reality is, the imminent threat of cybercrime is real – and it’s getting personal,” Colman warns.
He confirms that there’s been a marked increase in the number of cyberattacks on individuals of late. “Work-from-home employees are inadvertently creating opportunities for hackers to forge tunnels into company networks through often unsecured connectivity. This is fertile ground for cyber criminals to catch people off guard,” Colman says.
So what exactly is cybercrime, and what is it that we should be looking out for?
Data theft, or hacking, remains one of the leading causes of loss due to fraudulent cyber activity. If your identity has been compromised or stolen through your computer in order to get access to your personal data, it is called hacking.
How it works: Criminals use bugs or similar exploits to hack into your computer system to gain access to your data. Any and all devices that connect to the internet – printers, cameras, routers, laptops, smartphones, to name but a few – can be hacked.
You could stand to lose all your data (including those much loved photos), money if your bank or credit cards are hacked, or – worst of all - your identity. Also keep in mind you are likely to store digital copies of personal information of your children and other family members, such as birth certificates, IDs and passports along with address and/or school information that may compromise their identity.
Phishing is one of the most common online banking fraud methods.
How it works: Traditional phishing involves an email being sent to thousands of people in the hope that someone will click on the included web link and get tricked into giving away private information, like credit card numbers, usernames and passwords.
Currently spear-phishing seems to be a big trend, which targets specific individuals: You receive an email addressed to you personally by fraudsters who obtained your personal information off a website of social networking sites. By following your digital footprint they gather a good understanding of your preferences, making it easier to trick you into well targeted phishing schemes.
This is when a criminal impersonates a known individual or business to reach out to you with the intent to coax personal or business information.
How it works: You will receive an email or SMS that appears to have been sent from an acquaintance, your bank or a service provider that you often deal with, asking you to verify details or to release payments that may be due.
Since the communication appears to be legitimate and often timely and appropriate, you are more likely to respond. In doing so, you may unwittingly disclose personal information or make payments into fraudulent accounts.
Colman says it’s important for people to become more vigilant when responding to emails, SMSs and Whatsapp messages. “Fraudsters spend significant time and energy researching their target companies in getting to understand the nature of their activities, purchasing processes and even their internal relationships. This makes fraudulent emails and mobile messages appear even more credible,” he warns.
Apart from hacking, phishing and spoofing other methods of cyberattacks include data theft and sending viruses or ransomware. Ransomware is malicious software (malware) that takes over a computer and literally holds data hostage until the individual or business pays a ransom for it to be released.
What can you do protect yourself against the potential onslaught of cybercrime?
We have put together a few practical tips to help safeguard yourself against cyber-attacks:
- Think before you click on any link in any email – consider the relevance and legitimacy of the email and whether you think you can trust the source.
- Make sure you regularly back up your PC and keep backups in a safe place, for example on an external hard drive and/or in the Cloud. Remember, don’t only back up your data – also make sure you know how to restore this data again.
- Beware of Wi-Fi shadow networks: If you are out and about, working from your laptop, tablet or mobile phone and looking for free Wi-Fi networks, you may unknowingly connect to a shadow network – a system that is intended to look like any other public network except that it’s monitored by a cyber predator. Tip: set your device to not automatically connect to available networks.
- Restrict access to sensitive personal information, especially of the type of information that would be of interest to ID-theft fraudsters. This includes ID numbers, addresses, car registration numbers, banking details, etc.
- Manage your passwords! One of the best ways to restrict access to data is of course to use strong passwords and change them regularly – yet how many of us actually do change passwords? A strong password is at least 10 characters long and includes symbols (%,@,*) and numbers. You can use Lastpass- a password manager that acts like a vault for all your account and password information – or use a password generator.
Be proactive – be prepared
Any form of cyber threat can have far reaching consequences for those targeted by cybercriminals; the affects can be particularly devastating if you don’t have sufficient resources and infrastructure in place to prevent or mitigate your exposure to cyber risks.
Santam, together with its subsidiary, SHA, offer a combination of first and third party insurance cover that respond to a data breach or a cyber incident. To find out more about cybercrime threats, watch this video on cyber liability and cyber security by Simon Colman of SHA.
For detailed information about Santam’s insurance offering in this regard, feel free to contact us directly or reach out to your broker.