Email Hacks in South Africa:

South Africa ranks 3rd highest in the world for Ransomware Attacks and Email Hacks. Below are some of the methods that my clients, who are mainly small to medium businesses, have experienced, or that I have read about from various sources like Wordfence or KnowBe4.

Email Hacks to look out for: Spear Phishing, Word Doc. Malware, Microsoft Invoice Phish, Password Hash Capture, Touchscreen Clickjacking, SMS Recovery Hack.
President Ramaphosa’s personal phone hacked with Pegasus.
Transnet faces major systems cyber-attack. South Africa 3rd highest in the world for ransomware attacks.

Spear Phishing Campaign.

Problem: A spear phishing campaign uses spoofed email addresses that look like intercompany correspondence. Once trust is gained (social engineering), an email attachment containing IMG, ISO, or CAB files is sent; once clicked, the file drops the payload and the data stealing begins. Trust is gained through the correspondence and then through social media engineering using credible names and stories.
Solution: Users to be trained in security best practices and simulations like not to open attachments before verifying.

Word Doc. Malware.

Problem: Word Doc. Malware. The malware is not in the Word document itself, therefore the macros bypass security filters. Once the Word document is opened and editing is enabled, an Excel file downloads the Zloader payload. The Zloader payload is executed using rundll32.exe.
Solution: Macros are disabled by default in Microsoft Office applications for good reason and should only be enabled when the document is delivered by a trusted source. If in doubt, contact your IT support ASAP. Users to be trained in security best practices and simulations like not to open attachments before verifying.
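
For IT support teams, the execution chain described above can be hunted for in process-creation logs. The following is an added example, not code from the original post: it flags any rundll32.exe whose ancestors include Word or Excel. The record fields (`pid`, `ppid`, `image`) and the sample events are constructed for illustration and are not a real log schema.

```python
from ntpath import basename  # parses Windows paths on any OS

OFFICE = {"winword.exe", "excel.exe"}

# Constructed process-creation records; field names are hypothetical.
SAMPLE_EVENTS = [
    {"pid": 100, "ppid": 4, "image": r"C:\Windows\explorer.exe"},
    {"pid": 210, "ppid": 100, "image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"},
    {"pid": 220, "ppid": 210, "image": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE"},
    {"pid": 230, "ppid": 220, "image": r"C:\Windows\System32\cmd.exe"},
    {"pid": 240, "ppid": 230, "image": r"C:\Windows\System32\rundll32.exe"},
    {"pid": 300, "ppid": 100, "image": r"C:\Windows\System32\rundll32.exe"},
]

def office_spawned_rundll32(events):
    """Return (pid, ancestor chain) for each rundll32.exe descended from Word or Excel."""
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for e in events:
        if basename(e["image"]).lower() != "rundll32.exe":
            continue
        chain, seen, cur = [], set(), by_pid.get(e["ppid"])
        # Walk up the parent chain; 'seen' guards against loops from reused PIDs.
        while cur and cur["pid"] not in seen:
            seen.add(cur["pid"])
            chain.append(basename(cur["image"]).lower())
            cur = by_pid.get(cur["ppid"])
        if OFFICE & set(chain):
            alerts.append((e["pid"], chain))
    return alerts

if __name__ == "__main__":
    for pid, chain in office_spawned_rundll32(SAMPLE_EVENTS):
        print(f"ALERT pid={pid} rundll32.exe <- " + " <- ".join(chain))
```

Walking the whole ancestor chain, rather than only the direct parent, still catches the case where a shell sits between the Office application and rundll32.exe.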

Microsoft Invoice Phish.

Problem: Phishing/vishing/social engineering hybrid exploit delivers a Microsoft Store Invoice of a large enough amount to create panic. The intent is to try to lure you into trying to reverse the payments and giving away your credit card details.
Solution: Users to be trained in security best practices and simulations. Cross check your bank statements for unauthorised payments. Look out for a generic “Dear Customer” greeting, as invoices should be personalised, and for missing credit card information or a missing redacted number showing the last 4 digits. Other giveaways are VAT totals, headers and email addresses. When in doubt, don’t panic; phone your bank.

Password Hash Capture.

Problem: Password Hash Capture uses a UNC link in an email (clicking it, or just opening the email) to contact a remote malicious web server, forcing an object download which in turn triggers the web server authentication login. Your password hash is retrieved in the attempted authentication.
Solution: Use passwords of 16 characters or more. Block outbound authentication logins. Convert incoming mail to plain text. Apply the Windows registry patch available for download from Microsoft. Users to be trained in security best practices and simulations.
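
A mail gateway or helpdesk script can check for both the UNC links described here and the IMG, ISO and CAB attachments from the spear phishing section before a message reaches the user. The following is an added example, not code from the original post; the function names, host names and sample message are constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage

RISKY_EXT = (".img", ".iso", ".cab")  # container types named in the spear phishing section
# \\host\share or file://host/share: resolving either makes the client contact the named host.
UNC_RE = re.compile(r"(?:\\\\|file:/{2,})[A-Za-z0-9.\-]+[\\/][^\s\"'<>]+", re.I)

def triage(raw_email: str) -> dict:
    """Return risky attachment names and UNC/file references found in a message."""
    msg = message_from_string(raw_email, policy=policy.default)
    findings = {"risky_attachments": [], "unc_references": []}
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename()
        if name:  # attachment: judge by file name, do not scan its content
            if name.lower().endswith(RISKY_EXT):
                findings["risky_attachments"].append(name)
            continue
        if part.get_content_maintype() == "text":
            findings["unc_references"] += UNC_RE.findall(part.get_content())
    return findings

def build_sample() -> str:
    """Constructed sample message (not real traffic)."""
    m = EmailMessage()
    m["From"] = "accounts@example.test"
    m["To"] = "user@example.test"
    m["Subject"] = "Updated statement"
    m.set_content("See attached.")
    html = (r'<p>Hi</p><img src="\\files.example.test\share\logo.png">' "\n"
            r'<a href="file://203.0.113.7/docs/terms.docx">terms</a>')
    m.add_alternative(html, subtype="html")
    m.add_attachment(b"\x00" * 16, maintype="application",
                     subtype="octet-stream", filename="Statement.iso")
    return m.as_string()

if __name__ == "__main__":
    print(triage(build_sample()))
```

The `<img>` reference in the sample is the "just opening the email" case: no click is needed once the client renders HTML, which is why converting incoming mail to plain text appears in the solution above.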

Touchscreen Clickjacking.

Problem: Clickjacking of touch screens by using an element that appears on the screen as an object like a crack or hair. The malicious URL is activated when the user attempts to wipe or touch the element.
Solution: Users to be trained in security best practices and simulations.

SMS Recovery Hack.

Problem: SMS recovery hack is a password reset hack where the hacker spoofs a password recovery email/SMS with malicious intent. The hacker attempts to log in to your account, triggering either password recovery options and/or a verification code. You will then reply to the email/SMS with that code they triggered.
Solution: Use application verification methods and not SMS verification. 2FA and Google Authenticator application.

Never give out your bank card details over the phone, nor your 2FA code, nor share your PIN, OTP or password.

Vishing is when hackers request your personal information and bank account details over the phone. Banks never ask for your account details, password, PIN or OTP (One Time PIN) over the phone.

Smishing aims to access your personal information via SMS, mainly targeting mobile banking applications.

A stolen cell phone gives the hacker access to your personal and banking details as well as your banking app and any passwords stored in your synced browsers. De-link the cellphone/device from digital profiles and report the device as stolen with your bank.

Ramahack:

South African President Ramaphosa’s personal phone was hacked using infamous Israeli spyware created by NSO Group called Pegasus spyware. This is after Donald Trump’s personal unsecured phone was hacked by personal insiders several years ago, as well as the Khashoggi incident shining the spotlight on Pegasus (Saudi are implicated in the theft of Denel Missile Technology). Activists, whistle-blowers and journalists are targets of NSO Group Pegasus spyware as well as Governments, Businessmen, Citizens…. Is this incident of monitoring President Ramaphosa’s phone related to recent South African riots?
Solution: Hackers will always hack and governments will always snoop. In the end it will be Politicians that negotiate the legislation, which is problematic. Phone manufacturers and Carriers must, through legislation, take greater accountability for the security architecture of the products and services they offer paying clients. Re Kinnear case. The CEOs of companies whose licensed software has been found to be used to spy on or assassinate Activists, whistle-blowers and journalists must be held accountable, personally liable through civil cases if a Politicised Justice System fails.

Ransomware Transnet Attack:

South Africa ranks 3rd in the world for ransomware attacks. Transnet, South Africa’s Port and Rail Operator, had its operations disrupted by recent targeted Political riots and now again through a foreign ransomware attack. Are these incidents related, symptoms and/or causes?
Solution: Users to be trained in security best practices and simulations. Ransomware is a national security threat and must be legislated as such. Hackers switched switches causing a nuclear meltdown, an electric grid in the US going offline and business and councils paying ransomware to restore IT Infrastructure.

I recommend using Avast Premium on all devices from mobile cell phones, tablets, laptops and PCs. Hackers can hack anything so the idea is to make it difficult enough to put them off to go after the low hanging fruit. Avast offers WebShield, Ransomware Shield and Secure Folders.

50% of all emails contain trackers or web beacons, personalised uniquely to your email. They can be used in Court to prove you opened or forwarded an email. Don’t download images in your email client. View email as plain text or use an Email Privacy service or antitracking tools.

Great reading from KnowBe4: https://www.knowbe4.com/hubfs/CyberheistV3.pdf?
For security awareness training: https://www.knowbe4.com/
