Email Hacks South Africa: Business Email Compromise BEC.
Business Email Compromise BEC and Spoofing Email Spike in South Africa.
If in doubt delete.
Business Email Compromise BEC and Spoofing Email Spike in South Africa.
Business Email Compromise BEC and Spoofing Email Spike. South Africa is now a world leader in cybercrime. South Africa leads the world in the number of Ransomware Email Spoofing, Smishing, Vishing and Spear Phishing attacks on business and end-user customers with Domain-spoofing and email-spoofing becoming the mainstream attack vectors. Syndicates have been emboldened after the Transnet Ransomware Hack matched with the fact that South Africa has extensive IT systems that do not reflect the end user’s education and training in cyber security.
Many new Board appointments on the Johannesburg Stock Exchange have Financial and Accounting qualifications, no new Board appointees come with IT Security backgrounds. Simply put, South African businesses, both Corporate and Small to Medium Businesses are not proactive in the education or training of employees in the detection of these cybercrimes until they have been Spoofed.
If in doubt delete.
Zero Trust Policy

Business Email Compromise Email and Spoofing Spike in South Africa
In the last 30 days in South Africa, we have experienced the greatest rise in Spoofing and Business Email Compromise BEC. The new scam targets customers and employees who are authorised to make payments with invoices with false banking details. These emails are exact matches of company emails, either spoofed or from hacked accounts. Many users who are working from home may not have the same protection company IT systems provide. The remote working creates interruptions in inter-employee communications and the syndicates are taking advantage. These emails look legitimate as they are spoofed email addresses with the correct headers and logos.
If in doubt delete.
Zero Trust Policy
Business Email Compromise BEC What to do:
If in doubt delete. Zero Trust Policy.
Users to be trained in security best practices and simulations like not to open attachments before verifying.
Ensure the domain visible in the received email is associated with the business it was emailed from.
Make sure the address to:field section in the email client email matches your email address.
Do not open if the senders and to:field emails are the same.
Do not open emails with attachments and invoices addressed to undisclosed recipients.
Do not follow drive links, like Google Drive or Dropbox links, to download invoices or other content from unrecognized, undisclosed recipients or non-first-tier friend contacts.
Be aware of colleagues or clients informing you of mysterious emails coming from your accounts.
Turn off links and images in the email client. If in doubt drop the email in the junk mail to check links.
Link hover, use the mouse and hover over the links in the email to check if they match the sender’s domain.
Latest patches and updates to all software. Most attacks are not detectable by anti-virus software at the home user level nor at the Corporate level.
Do not list the accounting or admin emails online. Use a generic info@ for websites and social media.
Question all marked as urgent payment emails and unplanned payment instructions as suspicious. Contact, preferably face to face, the co-worker or line manager that issued the directive. Social engineering exploits our compliance when issued with a directive from an authority figure. Any changes to Beneficiary Banking details must be verified if possible, using traditional methods or original contact details. If in doubt check with your line manager.
Great reading from The State of Email Security 2020
For security awareness training https://www.knowbe4.com/
The Apple ID Spoofed Email & Phishing Scam
Apple ID Spoofed Email & Phishing Scam. If in doubt delete. Apple ID Spoofed Email & Phishing Scam. If in Doubt Delete. We all have had the old Apple ID spoofed emails and time-tested PayPal spoofed emails phishing scams and now the scammers are back with...
Andrew Holt Podcast Series
Andrew Holt Podcast Series. Business, Community and Environment all complement each other. Andrew Holt Podcast Series. Welcome to the Andrew Holt Podcast Series I recently interviewed my good friend Kevin Rack who now resides back in his Hometown of Cape Town...
Standard Bank Spoofed Business Email Compromise BEC
Standard Bank Spoofed Business Email Compromise BEC. If in doubt delete. Standard Bank Spoofed emails. Like most South Africans, we receive many spoofed BEC Standard Bank emails, weekly. Currently, Standard Bank Spoofed emails are the greatest number of spoofed BEC...
The virus is not COVID but egoism
The virus is not COVID but egoism Covid is Mother Earth’s way to control this virus. My First-Hand Experience on the Covid Frontline. The virus is not COVID but egoism, Covid is Mother Earth's way to control this virus, Church halls and buildings stand empty while the...
Sextortion Phishing Email Scam. Dont fall for it.
Sextortion Phishing Email Scam. Don't fall for it. Sextortion is social engineering blackmail phish scam using fear to extort bitcoin ransom. Don't fall for it. Don’t Panic. What is Sextortion? Sextortion is social engineering blackmail scam using fear of one’s...
What I Do
I specialise in Digital Footprints for new Startups and Identities struggling to be found in Search.
Google Maps Marketing Local SEO
Google Maps Marketing Local SEO is the art of optimising your online presence and increasing foot traffic to your local based business.
SEO Content Copywriting
SEO Digital Content Copywriting is the art of copywriting keyword/phrase content that is found in search results that converts.
WordPress Websites
WordPress is an open-source versatile content management system CMS for users to create easy functional beautiful looking websites that is found in search
WordPress SEO
WordPress SEO is the art of of getting your WordPress Website Pages on #Page1 of Organic Search Results for your Keywords/Phrases/Products/Services to your (best converting) target audience.
Let's Work Together!
Contact Us SEO Cape Town
5 Clarendon Court, Melrose Road, Muizenberg, Western Cape 7945, South Africa VFR9+XP Lakeside, Cape Town
(+27) 060 904 5988