Email Hacks in South Africa:

South Africa ranks 3rd highest in the world for Ransomware Attacks and Email Hacks. Below are some of the methods my clients have experienced, who are mainly Small to Medium Businesses or information I have read about from various sources like Wordfence or Knowbe4.

Email Hacks in South Africa.

Email Hacks to look out for: Spear Phishing, Word Doc. Malware, Microsoft Invoice Phish, Password Hash Capture, Touchscreen Clickjacking, SMS Recovery Hack.
President Ramaphosa’s personal phone was hacked with Pegasus.
Transnet faces major systems cyber-attack. South Africa 3rd highest in the world for ransomware attacks.

Spear Phishing Campaign.

Problem: Spear Phishing Campaign using spoofed email addresses that look like intercompany correspondence. Once trust is gained (Social Engineering), an email attachment with IMG, ISO, or CAB files is sent and once clicked the files drops the payload, and the data-stealing begins. Trust is gained through correspondence and then social media engineering using credible names and stories.
Solution: Users to be trained in security best practices and simulations like not to open attachments before verifying.

Word Doc. Malware.

Problem: Word Doc. Malware. Malware is not in the word document therefore macros bypass security filters. Once the word doc. is opened and editing enabled and Excel file downloads the Zloader payload. The Zloader payload is executed using rundll32.exe.
Solution: Macros are disabled by default in Microsoft Office applications for good reason and should only be opened when delivered by a trusted source. If in doubt contact your IT support ASAP.  Users to be trained in security best practices and simulations like not to open attachments before verifying.

Microsoft Invoice Phish.

Problem: Phishing/vishing/social engineering hybrid exploit delivers a Microsoft Store Invoice of a large enough amount to create panic. The intent is to try lure you into trying to reverse the payments and giving away your credit card details.
Solution: Users to be trained in security best practices and simulations. Cross-check your bank statements with unauthorised payments. Look out for generic Dear Customer exploit as invoices should be personalised, no credit card information or no redacted number of the 4 last digits. Other giveaways are VAT totals, headers and email addresses. When in doubt don’t panic phone your bank.

Password Hash Capture.

Problem: Password Hash Capture uses a UNC link in an email (or just opening the email) to trigger a remote malicious webserver forcing an object download which in turn triggers the webserver authentication login. Your password hash is retrieved in the attempted authentication.
Solution: Passwords of 16 characters or more. Block outbound auth logins. Convert incoming mail to plant text. Patch windows registry download from Microsoft. Users to be trained in security best practices and simulations.

Touchscreen Clickjacking.

Problem: ClickJacking of touch screens by using an element that appears on the screen as an object like a crack or hair. The malicious URL is activated when the user attempts to wipe or touch the element.
Solution: Users to be trained in security best practices and simulations.

SMS Recovery Hack.

Problem: SMS recovery hack is a password reset hack where the hacker spoofs a password recovery email/SMS with malicious intent. The hacker attempts to login into your account triggering either password recovery options and/or a verification code. You will then reply in the email/SMS with that code they triggered.
Solution:  Use application verification methods and not SMS verification. 2FA and Google Authenticator application.

Never give out your bank card details over the phone nor your 2FA code nor share your pin, OTP or password.

Email Hacks in South Africa.

Vishing is when hackers request your personal information and bank account details over the phone. Banks never ask for your account details, password, PIN or OTP (One Time PIN) over the phone.

Smishing aims to access your personal information via an SMS mainly aimed to target mobile banking applications.

Stolen cell phone gives the hacker access your personal, banking details as well as your Banking app and any passwords stored in your synced browsers. De-link cellphone/device from digital profiles and report the device as stolen with your bank.


South African President Ramaphosa’s personal phone was hacked using infamous Israeli spyware created by NSO Group called Pegasus spyware. This is after Donald Trump’s personal unsecured phone was hacked by personal insiders several years ago as well as the Khashoggi incident shining the spotlight on Pegasus (Saudi are implicated in the theft of Denel Missile Technology). Activists, whistle-blowers and journalists are targets of NSO Group Pegasus spyware as well as Governments, Businessmen, and Citizens…. Is this incident of monitoring President Ramaphosa’s phone related to recent South African riots?
Solution: Hackers will always hack and governments will always snoop. In the end, it will be Politicians that negotiate the legislation which is problematic. Phone manufacturers and Carriers must through legislation, take greater accountability for the security architecture of their products and services they offer paying clients. Re Kinnear case. The CEO of companies who have licensed the software has been found to be used to spy on or assassinate Activists, whistle-blowers and journalists must be held accountable, and personally liable through civil cases if Politicised Justice System fails.

Ransomware Transnet Attack:

South Africa ranks 3rd in the world for ransomware attacks. Transnet, South Africa’s Port and Rail Operator procedures were disrupted by recent targeted Political riots and now again through foreign ransomware attacks. Are these incidents related, symptoms and/or causes?
Solution: Users to be trained in security best practices and simulations. Ransomware is a national security threat and must be legislated as such. Hackers switched switches causing a nuclear meltdown, an electric grid in the US going offline and businesses and councils paying ransomware to restore IT Infrastructure.

I recommend using Avast Premium on all devices from mobile cell phones, tablets, laptops and PCs. Hackers can hack anything so the idea is to make it difficult enough to put them off to go after the low hanging fruit. Avast offers WebShield, Ransomware Shield and Secure Folders.

50% of all emails contain trackers or web beacons, personalised uniquely to your email. They can be used in Court to prove you opened or forwarded an email. Don’t download images in your email client. View email as plain text or use an Email Privacy service or antitracking tools.

Great reading from a
For security awareness training

USDT Token Airdrop phishing scam

USDT Token Airdrop phishing scam. A USDT Token Airdrop phishing scam is a deceptive scheme designed to steal your cryptocurrency by exploiting the allure of free tokens. USDT Token Airdrop phishing scam. A USDT Token Airdrop phishing scam is a...

What I Do.

I specialise in Digital Footprints for new Startups and Identities struggling to be found in Search.

Google Maps Marketing Local SEO

Google Maps Marketing Local SEO

Google Maps Marketing Local SEO is the art of optimising your online presence and increasing foot traffic to your local based business.

SEO Digital Content Copywriting

SEO Content Copywriting

SEO Digital Content Copywriting is the art of copywriting keyword/phrase content that is found in search results that converts.

Search Engine Marketing SEM

Search Engine Marketing SEM

Search Engine Marketing SEM is a paid advertising strategy, like pay-per-click (PPC) increasing website visibility to appear as search results in Search Engine Results Pages SERPs.

WordPress Websites

WordPress Websites

​WordPress is an open-source versatile content management system CMS for users to create easy functional beautiful looking websites that is found in search

WordPress Websites SEO

WordPress SEO

WordPress SEO is the art of of getting your WordPress Website Pages on #Page1 of Organic Search Results for your Keywords/Phrases/Products/Services to your (best converting) target audience.

WordPress Website Maintenance

WordPress Website Maintenance

WordPress Website Maintenance is the process of keeping your website functioning properly, fast, secure, backed-up, up-to-date and in line with best practices that supports your SEO strategy.

Photography for WordPress Websites SEO


Photography is the art of capturing an instant in time by recording the light you see and applying a filter of your innermost thoughts.

Samsung Gear 360° Virtual Reality Video

360° Virtual Reality Video

Let's Work Together!

Contact SEO Cape Town.

5 Clarendon Court, Melrose Road, Muizenberg, Western Cape 7945, South Africa VFR9+XP Lakeside, Cape Town
(+27) 060 904 5988
Email Me

COVID19 Corona Virus South African Resource Portal

First Peoples Land Statement

Search Engine Optimisation Marketing operates on the traditional, ancestral and unceded lands of the San and Khoe peoples. I wish to acknowledge the lands of the First Peoples we now occupy.