9 tips on how to protect you and your business from phishing, vishing and whaling

Written by Editor

Apr 5, 2022

 

By  Jessie Taylor

 

South Africans lose more than R1.5-billion in banking and card fraud in a year, according to estimates from the South African Banking Risk Information Centre (SABRIC). The country has one of the ten highest rates of cybercrime in the world, yet many of these crimes can be avoided, with just a few simple safety tips to protect your hard-earned money.

 

Safeguarding against cybercrime

South Africa sits sixth in ranking among the countries with the most cybercrime and has shown the sharpest rise in cybercrime compared to any country in the world.  According to research, South Africa has around 51 cybercrime victims for every one million internet users. 

On average, three billion cybercrime attempts are sent out via email every day, and one in every 100 emails is a phishing attempt.

The three most common types of cybercrime are phishing, vishing, and whaling.

  • Phishing relies on the sending of emails, purportedly from reputable companies, to trick the recipient into sharing personal information, such as passwords and credit card numbers. These emails often appear to be from recognised senders and may include malicious codes or links. This is the most common cybercrime.
  • Vishing is a form of crime in which fraudsters will attempt to steal private information during a telephone call. These criminals use social engineering tactics to convince victims to divulge their details, especially banking information, over the phone. Very often, these criminals will pose at a reputable institution, such as a bank, to request personal information from their victim.
  • Whaling involves business email compromise. In these instances, cybercriminals use a compromised senior executive’s information to carry out fraud. The hacker will use the executive’s account to infiltrate a company, making use of personal information, for financial gain. This approach usually entices the receiver to click on a malicious URL or attachment to gain access to their personal information.

 

According to the Ombudsman for Banking Services Reana Steyn, fraud continues to pose a risk to banking customers with new scams launched every day. The ombudsman investigated more than R295-million worth of banking fraud in 2021 alone.

Based on the 2020 annual crime statistics, SABRIC said digital banking fraud increased by 33%. This was also fuelled by more people turning to online shopping and bill payments during lockdown.

SABRIC CEO Nischal Mewalall says that cybercrime and data breaches will represent a significant threat to customers and banks, because even the best security and technology can be compromised when criminals source and use legitimate data illegally, to carry out a crime.

Mewalall says: “Your personal data, when combined with technology, has become the new key to the safe that holds your money in a bank, so you must safeguard your data to prevent criminals getting access to your safe.”

Mewalall also warns bank customers to never click on links in unsolicited emails as these links are used in phishing emails to drive people to “spoofed” websites that look like legitimate online retailers, complete with enticing images and convincing taglines.

“Criminals use these bogus websites to harvest bank card details to make online purchases using your account. We are still seeing lots of scam’s advertising seemingly incredible deals for personal protective equipment, sanitiser and fake vaccines that exploit people’s concern for their health and safety,” adds Mewalall.

 

Tips to protect yourself against fraud
  • Always protect your personal information, including usernames, passwords, and PIN numbers.
  • Regularly review your account statements and query disputed transactions with your bank immediately.
  • Implement dual authentications for all accounts and products, especially for financial services products.
  • Register for SMS notifications to alert you when products and accounts are accessed.
  • Do not click on links or icons in unsolicited e-mails, and do not reply to them.
  • Type in the URL for your bank in the internet browser if you need to access your bank’s webpage.
  • Create complicated passwords that are not easy to decipher and change them often.
  • Banks will never ask you to confirm your confidential information over the phone.
  • If you receive an OTP on your phone without having transacted yourself, it was likely prompted by a fraudster using your personal information. Do not provide the OTP telephonically to anybody. Contact your bank immediately to alert them to the possibility that your information may have been compromised. 

 

Partner with a B2B event

New call-to-action

Subscribe to

Please fill out your details and we will ensure to keep you updated with a weekly bulletin on the latest blog articles we have to share!







Like Us On Facebook

You May Also Like…