Email Hacks South Africa: Business Email Compromise BEC.

Business Email Compromise BEC and Spoofing Email Spike in South Africa.
If in doubt delete.

Business Email Compromise BEC and Spoofing Email Spike in South Africa.

Business Email Compromise BEC and Spoofing Email Spike. South Africa is now a world leader in cybercrime. South Africa leads the world in the number of Ransomware Email Spoofing, Smishing, Vishing and Spear Phishing attacks on business and end-user customers with Domain-spoofing and email-spoofing becoming the mainstream attack vectors. Syndicates have been emboldened after the Transnet Ransomware Hack matched with the fact that South Africa has extensive IT systems that do not reflect the end user’s education and training in cyber security.

Many new Board appointments on the Johannesburg Stock Exchange have Financial and Accounting qualifications, no new Board appointees come with IT Security backgrounds. Simply put, South African businesses, both Corporate and Small to Medium Businesses are not proactive in the education or training of employees in the detection of these cybercrimes until they have been Spoofed.

If in doubt delete. 

Zero Trust Policy

 

Business Email Compromise BEC Email and Spoofing Spike in South Africa

Business Email Compromise Email and Spoofing Spike in South Africa

 

In the last 30 days in South Africa, we have experienced the greatest rise in Spoofing and Business Email Compromise BEC. The new scam targets customers and employees who are authorised to make payments with invoices with false banking details. These emails are exact matches of company emails, either spoofed or from hacked accounts. Many users who are working from home may not have the same protection company IT systems provide. The remote working creates interruptions in inter-employee communications and the syndicates are taking advantage. These emails look legitimate as they are spoofed email addresses with the correct headers and logos. 

If in doubt delete.

Zero Trust Policy

Business Email Compromise BEC and Spoofing Email Spike in South Africa

Business Email Compromise BEC What to do:

If in doubt delete. Zero Trust Policy.

Users to be trained in security best practices and simulations like not to open attachments before verifying.
Ensure the domain visible in the received email is associated with the business it was emailed from.
Make sure the address to:field section in the email client email matches your email address.
Do not open if the senders and to:field emails are the same.
Do not open emails with attachments and invoices addressed to undisclosed recipients.
Do not follow drive links, like Google Drive or Dropbox links, to download invoices or other content from unrecognized, undisclosed recipients or non-first-tier friend contacts.
Be aware of colleagues or clients informing you of mysterious emails coming from your accounts.
Turn off links and images in the email client. If in doubt drop the email in the junk mail to check links.
Link hover, use the mouse and hover over the links in the email to check if they match the sender’s domain.
Latest patches and updates to all software. Most attacks are not detectable by anti-virus software at the home user level nor at the Corporate level.
Do not list the accounting or admin emails online. Use a generic info@ for websites and social media.
Question all marked as urgent payment emails and unplanned payment instructions as suspicious. Contact, preferably face to face, the co-worker or line manager that issued the directive. Social engineering exploits our compliance when issued with a directive from an authority figure. Any changes to Beneficiary Banking details must be verified if possible, using traditional methods or original contact details. If in doubt check with your line manager.

Great reading from The State of Email Security 2020
For security awareness training https://www.knowbe4.com/

You have been hacked…

You have been hacked…

You have been hacked...Microsoft sextortion email scam Hello pervert, I've sent this message from your Microsoft account.If in doubt delete.You have been hacked...Microsoft sextortion email scam Hello pervert, I've sent this message from your...

Takealot SMS smishing scam

Takealot SMS smishing scam

Takealot SMS smishing scam. Smishing or SMS/text message phishing use of text messaging to steal personal information, money and fraud.Takealot SMS smishing scam. Smishing or SMS/text message phishing use of text messaging to steal personal...

What I Do.

I specialise in Digital Footprints for new Startups and Identities struggling to be found in Search.

Google Maps Marketing Local SEO

Google Maps Marketing Local SEO

Google Maps Marketing Local SEO is the art of optimising your online presence and increasing foot traffic to your local based business.

SEO Digital Content Copywriting

SEO Content Copywriting

SEO Digital Content Copywriting is the art of copywriting keyword/phrase content that is found in search results that converts.

Search Engine Marketing SEM

Search Engine Marketing SEM

Search Engine Marketing SEM is a paid advertising strategy, like pay-per-click (PPC) increasing website visibility to appear as search results in Search Engine Results Pages SERPs.

WordPress Websites

WordPress Websites

​WordPress is an open-source versatile content management system CMS for users to create easy functional beautiful looking websites that is found in search

WordPress Websites SEO

WordPress SEO

WordPress SEO is the art of of getting your WordPress Website Pages on #Page1 of Organic Search Results for your Keywords/Phrases/Products/Services to your (best converting) target audience.

WordPress Website Maintenance

WordPress Website Maintenance

WordPress Website Maintenance is the process of keeping your website functioning properly, fast, secure, backed-up, up-to-date and in line with best practices that supports your SEO strategy.

Photography for WordPress Websites SEO

Photography

Photography is the art of capturing an instant in time by recording the light you see and applying a filter of your innermost thoughts.

Samsung Gear 360° Virtual Reality Video

360° Virtual Reality Video

Let's Work Together!

Contact SEO Cape Town.

5 Clarendon Court, Melrose Road, Muizenberg, Western Cape 7945, South Africa VFR9+XP Lakeside, Cape Town
(+27) 060 904 5988
Email Me

COVID19 Corona Virus South African Resource Portal

First Peoples Land Statement

Search Engine Optimisation Marketing operates on the traditional, ancestral and unceded lands of the San and Khoe peoples. I wish to acknowledge the lands of the First Peoples we now occupy.