September 20, 2022
South Africa records spike in online impersonations
The South African Fraud Prevention Service (SAFPS) has released statistics indicating a massive increase in online impersonations. This non-profit organisation, which focuses on fraud prevention from identity theft and impersonation, warned South Africans of a spike in fraud from 2021 to 2022. During this time, SAFPS noted an increase of 264% in the number of online fraud cases.
The majority of these impersonation crimes are the result of recent major data breaches. A few of South Africa's largest enterprises have fallen victim to cyber crime in the past few months. TransUnion, Dis-Chem and Experian are among the largest entities to experience a major cyber security breach in South Africa.
SEACOM Business works in partnership with South African organisations in the prevention of cyber crime. We offer cyber security solutions that are designed to detect, mitigate and prevent security and data breaches, including impersonation crimes related to email phishing and identity theft.
Data leaks lead to more impersonation crimes
After the Protection of Personal Information (POPI) Act came into effect in July 2021, data security in South Africa has become a major concern for businesses. There is now a legal requirement for companies to handle personal information in a secure way. Organisations need to ensure that they have the right cyber security solutions to prevent cyber crimes, such as identity theft and online impersonation. Despite this, we have witnessed a few major security breaches in 2022.
Three million South Africans were affected by the TransUnion breach that happened in March 2022. Exposed personal information, ID numbers, contact details and employment details fell into the hands of cyber criminals.
In another incident, which happened in May 2022, 3.6 million records were breached in an attack on Dis-Chem. In this attack, the retail pharmacy giant became the target of cyber criminals looking to gain access to personally identifiable data. With all this data in their arsenal, cyber criminals are well-positioned to embark on impersonation crimes.
This massive rise in data breaches indicates how vulnerable organisations are to impersonation attacks. Fraud incidents in Gauteng were the highest in the country, with 62% of the country's total taking place in this province. KwaZulu-Natal constituted 18% of the total fraud incidents - an increase of 106% compared to last year. Similarly, the Western Cape saw a 133% increase in fraud incidents compared to last year.
Cyber security for South African businesses
Increased digitisation in South Africa, particularly since the start of the Covid-19 pandemic, has paved the way for increased cyber crime activity. With employees working remotely, the use of insecure personal devices and home routers is putting business networks at risk.
Businesses need email protection tools to filter suspicious communication and protect business networks from being exposed to attacks. SEACOM Business recommends using a cloud-based VPN at the very least to ensure that remote users can securely access business networks from any device. With SEACOM Business, our enhanced email protection solutions protect business emails from malware spam and phishing.
Sending seemingly legitimate emails from an employee email account is an easy way for cyber criminals to engage in email phishing. Even one compromised email can have a devastating effect on a large enterprise, paving the way for a ransomware attack or breach of confidential data. Business email compromise is a significant concern in South Africa, which is a hotspot for phishing emails and the highest rate of attacks compared to its neighbours.
It is not just large enterprises that need to protect themselves against online impersonation attacks. In South Africa, small businesses are the least prepared when it comes to mitigating online threats. From 2021 to 2022, there was a 70% increase in Trojan-PSW (Password Stealing Ware) detections in South Africa.
This malware was used to steal passwords and other other types of confidential account information. It allows cyber criminals to access business networks and steal sensitive data. This type of online impersonation attack is often targeted at small businesses which do not have adequate cyber security protection.
Enhanced data protection for business
Data encryption offers one of the best defences against ransomware and online impersonation attacks. Multi-layered encryption protects data at a system and user level, ensuring a high level of data security from both internal and external threats. SEACOM Business offers customisable advanced encryption tools. For example, data can be encrypted across hybrid networks to ensure that both on-premises and cloud networks are kept secure.
While encryption is the first line of defence, businesses also need to make sure that their employee and customer credentials are secure. Compromised credentials are one of the main precursors to online impersonation crimes. As such, businesses need to implement strategies for preventing the loss or breach of usernames and passwords.
Remote access control is a security tool that allows businesses to maintain excellent visibility into who is accessing their networks and from which devices. This supports the remote working trend and a hybrid office, allowing IT teams to monitor users and devices from a centralised console.
Access can be instantly granted or revoked and this security solution includes automated tools for risk management and risk measurement. Automatic responses to compromise credentials ensure that appropriate action can be taken. Depending on the level of risk, security software can be automated to destroy or quarantine data, depending on the nature and severity of the breach.
SEACOM Business offers security solutions
Making use of virtual private networks is an effective defence against online impersonation attacks. Cloud-based VPNs prevent hackers from gaining access to networks and stealing personal data. With SEACOM Business, end-to-end encryption ensures that remote teams are protected no matter where they are connecting from.
SEACOM Business offers a range of enterprise-grade cyber security solutions to ensure that digital records are protected at all times. To address the rise in online impersonations, our solutions include advanced level encryption, enhanced email security, remote access control and the latest in automated machine learning technologies. For more information or to get a quote for our cyber security solutions, email us at marketing@seacom.com or leave us a message.
SEACOM owns Africa’s most extensive network of information and communications technology (ICT) infrastructure, including subsea cables and secure internet connections. We offer a diverse range of flexible, scalable and high-quality solutions for businesses that meet world-class standards for connectivity.
SEACOM is privately owned and operated, making it agile and adaptable to the needs of the customer. This makes us the preferred ICT and internet connectivity partner for African businesses and peripheral service providers. We can guarantee high-speed, low-latency and secure internet connections to corporates and small enterprises.
For more information on our internet and voice solutions, follow us on LinkedIn, Facebook or Twitter. Keep an eye on our news section for insightful articles and relevant news stories on African ICT, internet connectivity and our leading cloud and security solutions.
Need internet for your home? Our subsidiary, WonderNet, brings fast and cost-effective broadband internet to all Africans with a fibre-to-the-home offering.