Email Hacks South Africa: Business Email Compromise BEC.
Business Email Compromise BEC and Spoofing Email Spike in South Africa.
If in doubt delete.
Business Email Compromise BEC and Spoofing Email Spike in South Africa.
Business Email Compromise BEC and Spoofing Email Spike. South Africa is now a world leader in cybercrime. South Africa leads the world in the number of Ransomware Email Spoofing, Smishing, Vishing and Spear Phishing attacks on business and end-user customers with Domain-spoofing and email-spoofing becoming the mainstream attack vectors. Syndicates have been emboldened after the Transnet Ransomware Hack matched with the fact that South Africa has extensive IT systems that do not reflect the end user’s education and training in cyber security.
Many new Board appointments on the Johannesburg Stock Exchange have Financial and Accounting qualifications, no new Board appointees come with IT Security backgrounds. Simply put, South African businesses, both Corporate and Small to Medium Businesses are not proactive in the education or training of employees in the detection of these cybercrimes until they have been Spoofed.
If in doubt delete.
Zero Trust Policy

Business Email Compromise Email and Spoofing Spike in South Africa
In the last 30 days in South Africa, we have experienced the greatest rise in Spoofing and Business Email Compromise BEC. The new scam targets customers and employees who are authorised to make payments with invoices with false banking details. These emails are exact matches of company emails, either spoofed or from hacked accounts. Many users who are working from home may not have the same protection company IT systems provide. The remote working creates interruptions in inter-employee communications and the syndicates are taking advantage. These emails look legitimate as they are spoofed email addresses with the correct headers and logos.
If in doubt delete.
Zero Trust Policy
Business Email Compromise BEC What to do:
If in doubt delete. Zero Trust Policy.
Users to be trained in security best practices and simulations like not to open attachments before verifying.
Ensure the domain visible in the received email is associated with the business it was emailed from.
Make sure the address to:field section in the email client email matches your email address.
Do not open if the senders and to:field emails are the same.
Do not open emails with attachments and invoices addressed to undisclosed recipients.
Do not follow drive links, like Google Drive or Dropbox links, to download invoices or other content from unrecognized, undisclosed recipients or non-first-tier friend contacts.
Be aware of colleagues or clients informing you of mysterious emails coming from your accounts.
Turn off links and images in the email client. If in doubt drop the email in the junk mail to check links.
Link hover, use the mouse and hover over the links in the email to check if they match the sender’s domain.
Latest patches and updates to all software. Most attacks are not detectable by anti-virus software at the home user level nor at the Corporate level.
Do not list the accounting or admin emails online. Use a generic info@ for websites and social media.
Question all marked as urgent payment emails and unplanned payment instructions as suspicious. Contact, preferably face to face, the co-worker or line manager that issued the directive. Social engineering exploits our compliance when issued with a directive from an authority figure. Any changes to Beneficiary Banking details must be verified if possible, using traditional methods or original contact details. If in doubt check with your line manager.
Great reading from The State of Email Security 2020
For security awareness training https://www.knowbe4.com/
How to appear in SERPs?
How to appear in SERPs? This is accomplished through a variety of means, from what is known as “on-page” SEO to “off-page” techniques. How to appear in Search Results Pages SERPs? This is accomplished through a variety of means, from what is known as...
Standard Bank account restricted
Standard Bank account restricted phishing email scam. Standard Bank account restricted unauthorised access from IP address 41.133.102.159 phishing email.A phishing email that attempts to force you into an emotional fear-based response by clicking on the Confirm Now...
Search Engine Result Pages SERPs?
What are Search Engine Result Pages SERPs? Search engine results pages, SERPs, is the browser page you see after entering a query into a search engine like Google, Bing, Yandex, DuckDuckGo. What are Search Engine Results Pages SERPs?...
NFC digital e-wallet fraud South Africa
NFC digital e-wallet fraud South Africa. Card-not-present fraud, Scammers load your banking profile on a smart device that does not require an OTP security validation for purchases.NFC e-wallet fraud South Africa. Scammers load your banking profile...
pdf.html attachment email scam
Signed New Order_pdf.html attachment email scam. New Order_pdf.html is the trigger.Stop, pause evaluate.Signed New Order_pdf.html attachment email scam. New Order_pdf.html is the trigger.Stop, pause evaluate. Clicking on attachment leads you to a...
Manuel Franco $768 million Powerball jackpot lottery phishing email scam.
Manuel Franco $768 million Powerball jackpot lottery phishing email scam. Personal information phishing scam.Do Not ReplyManuel Franco $768 million Powerball jackpot lottery phishing email scam. Personal information phishing scam. Do Not Reply Manuel...
What I Do.
I specialise in Digital Footprints for new Startups and Identities struggling to be found in Search.
Google Maps Marketing Local SEO
Google Maps Marketing Local SEO is the art of optimising your online presence and increasing foot traffic to your local based business.
SEO Content Copywriting
SEO Digital Content Copywriting is the art of copywriting keyword/phrase content that is found in search results that converts.
WordPress Websites
WordPress is an open-source versatile content management system CMS for users to create easy functional beautiful looking websites that is found in search
WordPress SEO
WordPress SEO is the art of of getting your WordPress Website Pages on #Page1 of Organic Search Results for your Keywords/Phrases/Products/Services to your (best converting) target audience.
Let's Work Together!
Contact SEO Cape Town.
5 Clarendon Court, Melrose Road, Muizenberg, Western Cape 7945, South Africa VFR9+XP Lakeside, Cape Town
(+27) 060 904 5988
Email Me
Follow Us
First Peoples Land Statement
Search Engine Optimisation Marketing operates on the traditional, ancestral and unceded lands of the San and Khoe peoples. I wish to acknowledge the lands of the First Peoples we now occupy.