Email Hacks in South Africa.
Email Hacks to look out for: Spear Phishing, Word Doc. Malware, Microsoft Invoice Phish, Password Hash Capture, Touchscreen Clickjacking, SMS Recovery Hack.
President Ramaphosa’s personal phone was hacked with Pegasus.
Transnet faces major systems cyber-attack. South Africa 3rd highest in the world for ransomware attacks.
Spear Phishing Campaign.
Problem: Spear Phishing Campaign using spoofed email addresses that look like intercompany correspondence. Once trust is gained (Social Engineering), an email attachment with IMG, ISO, or CAB files is sent and once clicked the files drops the payload, and the data-stealing begins. Trust is gained through correspondence and then social media engineering using credible names and stories.
Solution: Users to be trained in security best practices and simulations like not to open attachments before verifying.
Word Doc. Malware.
Problem: Word Doc. Malware. Malware is not in the word document therefore macros bypass security filters. Once the word doc. is opened and editing enabled and Excel file downloads the Zloader payload. The Zloader payload is executed using rundll32.exe.
Solution: Macros are disabled by default in Microsoft Office applications for good reason and should only be opened when delivered by a trusted source. If in doubt contact your IT support ASAP. Users to be trained in security best practices and simulations like not to open attachments before verifying.
Microsoft Invoice Phish.
Problem: Phishing/vishing/social engineering hybrid exploit delivers a Microsoft Store Invoice of a large enough amount to create panic. The intent is to try lure you into trying to reverse the payments and giving away your credit card details.
Solution: Users to be trained in security best practices and simulations. Cross-check your bank statements with unauthorised payments. Look out for generic Dear Customer exploit as invoices should be personalised, no credit card information or no redacted number of the 4 last digits. Other giveaways are VAT totals, headers and email addresses. When in doubt don’t panic phone your bank.
Password Hash Capture.
Problem: Password Hash Capture uses a UNC link in an email (or just opening the email) to trigger a remote malicious webserver forcing an object download which in turn triggers the webserver authentication login. Your password hash is retrieved in the attempted authentication.
Solution: Passwords of 16 characters or more. Block outbound auth logins. Convert incoming mail to plant text. Patch windows registry download from Microsoft. Users to be trained in security best practices and simulations.
Touchscreen Clickjacking.
Problem: ClickJacking of touch screens by using an element that appears on the screen as an object like a crack or hair. The malicious URL is activated when the user attempts to wipe or touch the element.
Solution: Users to be trained in security best practices and simulations.
SMS Recovery Hack.
Problem: SMS recovery hack is a password reset hack where the hacker spoofs a password recovery email/SMS with malicious intent. The hacker attempts to login into your account triggering either password recovery options and/or a verification code. You will then reply in the email/SMS with that code they triggered.
Solution: Use application verification methods and not SMS verification. 2FA and Google Authenticator application.
Never give out your bank card details over the phone nor your 2FA code nor share your pin, OTP or password.
Email Hacks in South Africa.
Vishing is when hackers request your personal information and bank account details over the phone. Banks never ask for your account details, password, PIN or OTP (One Time PIN) over the phone.
Smishing aims to access your personal information via an SMS mainly aimed to target mobile banking applications.
Stolen cell phone gives the hacker access your personal, banking details as well as your Banking app and any passwords stored in your synced browsers. De-link cellphone/device from digital profiles and report the device as stolen with your bank.
Ramahack:
South African President Ramaphosa’s personal phone was hacked using infamous Israeli spyware created by NSO Group called Pegasus spyware. This is after Donald Trump’s personal unsecured phone was hacked by personal insiders several years ago as well as the Khashoggi incident shining the spotlight on Pegasus (Saudi are implicated in the theft of Denel Missile Technology). Activists, whistle-blowers and journalists are targets of NSO Group Pegasus spyware as well as Governments, Businessmen, and Citizens…. Is this incident of monitoring President Ramaphosa’s phone related to recent South African riots?
Solution: Hackers will always hack and governments will always snoop. In the end, it will be Politicians that negotiate the legislation which is problematic. Phone manufacturers and Carriers must through legislation, take greater accountability for the security architecture of their products and services they offer paying clients. Re Kinnear case. The CEO of companies who have licensed the software has been found to be used to spy on or assassinate Activists, whistle-blowers and journalists must be held accountable, and personally liable through civil cases if Politicised Justice System fails.
Ransomware Transnet Attack:
South Africa ranks 3rd in the world for ransomware attacks. Transnet, South Africa’s Port and Rail Operator procedures were disrupted by recent targeted Political riots and now again through foreign ransomware attacks. Are these incidents related, symptoms and/or causes?
Solution: Users to be trained in security best practices and simulations. Ransomware is a national security threat and must be legislated as such. Hackers switched switches causing a nuclear meltdown, an electric grid in the US going offline and businesses and councils paying ransomware to restore IT Infrastructure.
I recommend using Avast Premium on all devices from mobile cell phones, tablets, laptops and PCs. Hackers can hack anything so the idea is to make it difficult enough to put them off to go after the low hanging fruit. Avast offers WebShield, Ransomware Shield and Secure Folders.
50% of all emails contain trackers or web beacons, personalised uniquely to your email. They can be used in Court to prove you opened or forwarded an email. Don’t download images in your email client. View email as plain text or use an Email Privacy service or antitracking tools.
Great reading from a https://www.knowbe4.com/hubfs/CyberheistV3.pdf?
For security awareness training https://www.knowbe4.com/
RAM Couriers delivery phishing emails
RAM Couriers delivery phishing emails. South Africa ranks 3rd highest in the world for Ransomware Attacks and Email Hacks.If in doubt delete. RAM Couriers delivery phishing emails. South Africa ranks 3rd highest in the world for Ransomware Attacks...
Payfast Payment Confirmation Phishing Email
Payfast Payment Confirmation Phishing Email. South Africa ranks 3rd highest in the world for Ransomware Attacks and Email Hacks.If in doubt delete.Payfast Payment Confirmation Phishing Email. Scammers send out phishing emails mimicking...
Traditional Medicine Summit 2023
Traditional Medicine Summit 2023: Department of Health. Traditional Medicine Summit 2023: Department of Health. Integrating Traditional Medicine into Health Care Systems.Thursday, 23 -24 February 2023.Venue: Birchwood Hotel and Conference Centre- Boksburg....
Tinder It’s a match phishing scam.
Tinder It's a match phishing scam. South Africa ranks 3rd highest in the world for Ransomware Attacks and Email Hacks. If in doubt delete.Tinder It's a match phishing scam. In recent years, online dating has become increasingly popular, with apps...
RoundCube cPanel Phishing email
RoundCube cPanel Phishing email. South Africa ranks 3rd highest in the world for Ransomware Attacks and Email Hacks.If in doubt delete.RoundCube cPanel Phishing email. Sextortion scams are popular as they are successful. Roundcube is a web-based IMAP...
APT Hacking Group Bitcoin Wallet Sextortion Scam
APT Hacking Group Bitcoin Wallet Sextortion Scam. South Africa ranks 3rd highest in the world for Ransomware Attacks and Email Hacks.If in doubt delete.Zero Trust Policy My email client is set to view all emails as plain text and I view all emails...
What I Do.
I specialise in Digital Footprints for new Startups and Identities struggling to be found in Search.
Google Maps Marketing Local SEO
Google Maps Marketing Local SEO is the art of optimising your online presence and increasing foot traffic to your local based business.
SEO Content Copywriting
SEO Digital Content Copywriting is the art of copywriting keyword/phrase content that is found in search results that converts.
WordPress Websites
WordPress is an open-source versatile content management system CMS for users to create easy functional beautiful looking websites that is found in search
WordPress SEO
WordPress SEO is the art of of getting your WordPress Website Pages on #Page1 of Organic Search Results for your Keywords/Phrases/Products/Services to your (best converting) target audience.
Let's Work Together!
Contact SEO Cape Town.
5 Clarendon Court, Melrose Road, Muizenberg, Western Cape 7945, South Africa VFR9+XP Lakeside, Cape Town
(+27) 060 904 5988
Email Me