Ransomware South Africa.
End Users, Informal and Small Business: Ransomware, Business Email Compromise BEC and Spoofing
If in doubt delete.
Ransomware Southern Africa.
End Users, Informal and Small Business: Ransomware, Business Email Compromise BEC and Spoofing.
South Africa can no longer ignore it’s IT security vulnerabilities as a matter of National Interest.
The South African news is once again filled with new Ransomware attacks, Business Email Compromise BEC and Spoofing Email hacks. South Africa’s Justice Department, Space Agency, Transnet, JBS S.A., and many other businesses are affected by the attacks conducted by CoomingProject and other threat actors.
Just like our recent #FreeZuma insurrection riots, strangely enough, rooted in the same foreign states as the hackers, we can defend the mall by doing our bit in our digital community. Corporations or Big Businesses are not the only targets as data shows End Users, Informal and Small Businesses are often the main target of Ransomware, Business Email Compromise BEC and Spoofing.
What can I do as the end-user/consumer, Informal & Small Business?
Zero Trust Policy:
Treat all emails with suspicion, even emails that appear to be a legitimate internal company or organisational communications, emails from suppliers; especially emails from senders and suppliers you don’t recognise.
Check the sender’s email address and name, and make sure it’s coherent and not random text.
Check the @company URL string making sure it’s not random text, misspelled or matches suppliers you have on file.
Do not open email attachments sent to undisclosed recipients or if the sender’s email matches the receivers (in this case it should be your email address).
Check for spelling and bad grammar.
If in doubt delete or drop it into the junk mail.
South African Internet Service and Cell Phone Providers as well as device manufactures whose software and systems are often the carriers of the scripts, the pinging and hacks, to start taking a greater accountability for their customers/consumers security and safety. IT service and hardware providers need the same oversight as car manufacturers, as it’s the vulnerabilities in their products, software, services that are exploited.
Ransomware South Africa, Email Hacks.
What precautions to take as End Users, Informal and Small Businesses.
Zero Trust Policy.
Adopt a least privilege access policy.
Keep all software up to date and patched especially on your cell phone.
Secure your internet router by changing the default admin and your Wi-Fi.
Avoid public Wi-Fi and use a VPN.
Change all passwords often.
Email Client Privacy, script, and Security changes.
Adopt a least privilege access policy.
Turn off all images and links in your email client’s security. This also stops Web Beacons.
Real all email as plain text.
Convert emails from HTML to plain text.
Turn off settings that allow downloading of external content or links.
Do not allow scripts in email settings.
Turn off the attachment preview. Only open attachments you are expecting and know the sender otherwise delete them.
Disable all macros for example Word Doc. Malware.
Avoid opening or viewing your email in a browser.
Hover your mouse over URL links before you click on them to check if the URL is legitimate.
Double-check emails that contain threats to shut your account down for example the Microsoft Invoice Phish.
Remote working creates holes in the standard security setup one has in the work environment. Workplace network Firewalls and antivirus is replaced by your home setup. Email clients that are browser-based and not systems-based are exploited.
Solution: Users to be trained in security best practices and simulations. Ransomware is a national security threat and must be legislated as such. Hackers switched switches causing a nuclear meltdown, an electric grid in the US going offline, and businesses and councils paying ransomware to restore IT Infrastructure.
Ransomware South Africa: Converting emails to plain text.
Zero Trust Policy:
Below is the same email, the first one is HTML and the second email is plain text. Converting from Html to plain text and removing images, one can see the target URL link is not Absa Bank, the target URL link does not match the business the claims to be from. Converting to plain text removes the Html masking. Removing images and converting to plain text, removes web beacons that are used to track the end user’s interaction with the email and the URL links. I recommend removing all images and viewing all emails as plain text. You can easily view the email in Html if trusted.
Never give out your bank card details over the phone nor your 2FA code nor share your pin, OTP or password.
Ransomware South Africa: What to do:
If in doubt delete. Zero Trust Policy
Users to be trained in security best practices and simulations like not to open attachments before verifying.
Ensure the domain visible in the received email is associated with the business it was emailed from.
Make sure the address to:field section in the email client email matches your email address.
Do not open if the senders and to:field emails are the same.
Do not open emails with attachments and invoices addressed to undisclosed recipients.
Do not follow drive links, like Google Drive or Dropbox links, to download invoices or other content from unrecognized, undisclosed recipients or non-first-tier friend contacts.
Be aware of colleagues or clients informing you of mysterious emails coming from your accounts.
Turn off links and images in the email client. If in doubt drop the email in the junk mail to check links.
Link hover, use the mouse and hover over the links in the email to check if they match the sender’s domain.
Latest patches and updates to all software. Most attacks are not detectable by anti-virus software at the home user level nor at the Corporate level.
Do not list the accounting or admin emails online. Use a generic info@ for websites and social media.
Question all marked as urgent payment emails and unplanned payment instructions as suspicious. Contact, preferably face to face, the co-worker or line manager that issued the directive. Social engineering exploits our compliance when issued with a directive from an authority figure. Any changes to Beneficiary Banking details must be verified if possible, using traditional methods or original contact details. If in doubt check with your line manager.
Great reading from The State of Email Security 2020
For security awareness training https://www.knowbe4.com/
RAM Couriers delivery phishing emails
RAM Couriers delivery phishing emails. South Africa ranks 3rd highest in the world for Ransomware Attacks and Email Hacks.If in doubt delete. RAM Couriers delivery phishing emails. South Africa ranks 3rd highest in the world for Ransomware Attacks...
Payfast Payment Confirmation Phishing Email
Payfast Payment Confirmation Phishing Email. South Africa ranks 3rd highest in the world for Ransomware Attacks and Email Hacks.If in doubt delete.Payfast Payment Confirmation Phishing Email. Scammers send out phishing emails mimicking...
Traditional Medicine Summit 2023
Traditional Medicine Summit 2023: Department of Health. Traditional Medicine Summit 2023: Department of Health. Integrating Traditional Medicine into Health Care Systems.Thursday, 23 -24 February 2023.Venue: Birchwood Hotel and Conference Centre- Boksburg....
Tinder It’s a match phishing scam.
Tinder It's a match phishing scam. South Africa ranks 3rd highest in the world for Ransomware Attacks and Email Hacks. If in doubt delete.Tinder It's a match phishing scam. In recent years, online dating has become increasingly popular, with apps...
RoundCube cPanel Phishing email
RoundCube cPanel Phishing email. South Africa ranks 3rd highest in the world for Ransomware Attacks and Email Hacks.If in doubt delete.RoundCube cPanel Phishing email. Sextortion scams are popular as they are successful. Roundcube is a web-based IMAP...
APT Hacking Group Bitcoin Wallet Sextortion Scam
APT Hacking Group Bitcoin Wallet Sextortion Scam. South Africa ranks 3rd highest in the world for Ransomware Attacks and Email Hacks.If in doubt delete.Zero Trust Policy My email client is set to view all emails as plain text and I view all emails...
What I Do.
I specialise in Digital Footprints for new Startups and Identities struggling to be found in Search.
Google Maps Marketing Local SEO
Google Maps Marketing Local SEO is the art of optimising your online presence and increasing foot traffic to your local based business.
SEO Content Copywriting
SEO Digital Content Copywriting is the art of copywriting keyword/phrase content that is found in search results that converts.
WordPress is an open-source versatile content management system CMS for users to create easy functional beautiful looking websites that is found in search
WordPress SEO is the art of of getting your WordPress Website Pages on #Page1 of Organic Search Results for your Keywords/Phrases/Products/Services to your (best converting) target audience.
Let's Work Together!
Contact SEO Cape Town.
5 Clarendon Court, Melrose Road, Muizenberg, Western Cape 7945, South Africa VFR9+XP Lakeside, Cape Town
(+27) 060 904 5988