By Charndré Emma Kippie
International Fraud Awareness Week takes place between 15-21 November annually. This commemoration encourages organisations, businesses and individuals to proactively take the necessary precautions to minimise the devastating impact of fraud by promoting anti-fraud awareness and education. Raising awareness on fraud is essential, as organisations around the world are currently losing an estimated 5%of their annual revenues as a result of cybercrimes and cyber fraud — according to the 2020 ACFE Report to the Nations.
In light of International Fraud Week, it is an optimal time to address cybercrimes, especially cyber fraud.
What is Cyber Fraud?
Cyber fraud is a crime committed by way of utilising a computer/electronic device with the intent to corrupt another individual’s personal and financial data, which has been stored online. This type of data can be used by a cyber fraud perpetrator to financially fund themselves, or they might intend to use this money to fund illegal activities.
Where do we stand?
This particular type of cybercrime may harm someone’s overall security and reputation as well. And one way for this crime to be committed is through the use of ransomware.
Ransomware is everywhere and just about anyone can fall prey to this type of attack. Research has shown that throughout the first half of 2021, Africa accounted for 1,7% of ransomware attacks worldwide.
South Africa made up 1,05% of these recorded attacks. This indicates that only 0,65% of the total recorded attacks were actually against users in other parts of the African continent — Trend Micro’s midyear Cybersecurity Report 2021.
The Trend Micro’s midyear Cybersecurity Report also highlighted a 47% year-on-year surge in email threats, as well as malicious files and URLs.
“Pre-pandemic, when most of the workforce was office-based, it was easier to secure endpoints and a company’s data centre. Traditional perimeter security has disappeared. It is now found wherever your workforce is located – at their homes, in hotel rooms, coffee shops or coworking spaces. Now, the task requires moving workloads to the cloud and securing every employee, their homes and personal mobile devices, all of which have become companies’ new data centres,” explained Zaheer Ebrahim, Cybersecurity Consultant at Trend Micro.
“As cybersecurity threats continue to increase in frequency and sophistication, Security Operations Center (SOC) teams must streamline their security processes without sacrificing reliability. One way to do that is through Endpoint Detection and Response (EDR), which continually monitors and responds to mitigate cyber threats. EDR acts like a CCTV camera that records all the activities that occur at an endpoint. While it might not be able to prevent a cybersecurity threat, it can playback the breach to strengthen cybersecurity retrospectively and secure any vulnerabilities from future attacks”, Ebrahim concluded.
Laying down the law
New laws documented in the Cybercrimes Act 19 of 2020, are bringing South Africa up to speed in terms of international standards for fighting cybercrime. A spike in global internet-based offences has been acknowledged this year. This has been due to the work-from-home trend which came into play as a result of the global Covid-19 pandemic. Thus, there is no surprise why these laws have been updated.
Our Cybercrimes Act has been described as “a groundbreaking and decisive step in the country’s cyber governance and policy space”, by Advocate Doctor Mashabane — Director-General in the Department of Justice and Constitutional Development and South Africa’s former Cyber Envoy to the United Nations.
In addition to the Cybercrimes Act, the Protection of Personal Information Agreement (POPIA) Act 2020, is also now in play. Together, these two strategies play a key part in South Africa’s defence against cybercrime.
Advocate Mashabane has also indicated that the Cybercrimes Act will further “bolster our engagement at diplomatic and multilateral platforms with a view to developing a global framework on cybercrimes and cyber security.”
South Africa does, however, stand as a major player internationally, contributing to multiple UN forums geared towards coming up with the best recommendations for how to govern cyberspace efficiently.
It is an ambitious mission to successfully complete. However, if we continue to enact new domestic legislation, our nation will convey a critical message to the world of its steadfast commitment to laying down the law and combating cybercrime, especially in relation to cyber fraud.
The Cybercrimes Act 19 of 2020 intends to:
- Define offences which have a bearing on cybercrime;
- Criminalise the disclosure of data messages which are harmful and to provide for interim protection orders
- Further regulate jurisdiction in respect of cybercrimes
- Further regulate the powers to investigate cybercrimes
- Further regulate aspects relating to mutual assistance in respect of the investigation of cybercrimes
- Provide for the establishment of a designated Point of Contact; to further provide for the proof of certain facts by affidavit
- Impose obligations to report cybercrimes
- Provide for capacity building
- Provide that the Executive may enter into agreements with foreign states to promote measures aimed at the detection, prevention, mitigation and investigation of cybercrimes;
- Delete and amend provisions of certain laws
- Provide for matters connected therewith
Combat Online Fraud
- The National Anti-Corruption Hotline for the Public Service is a government initiative. It ensures that all cases of alleged corruption are reported centrally and re-directed to the relevant departments/provincial administration for further attention.
- To report acts of corruption or fraud, call the toll-free number 0800 701 701 or SMS 39772.
- You can also join the global effort to minimise the impact of fraud by promoting anti-fraud awareness and education
- For more information: https://www.fraudweek.com/
How To Prevent Cybercrimes
- Keep your information safe
- Backup all your important files, and store them independently from your system (e.g. in the cloud, on an external drive);
- Always verify you are on a company’s legitimate website before entering login details or sensitive information.
- Check your software and systems
- Always upgrade to the latest anti-virus software
- Secure email gateways to catch threats sent via spam
- Bolster your home network
- Secure system administrations vulnerabilities that attackers could abuse
- Disable any third-party or outdated components that could be used as entry points
- Download mobile applications or any other software from trusted platforms only
- Perform regular health scans on your computers or mobile devices
- Be hypervigilant
- Chat to your family members about how to stay safe online
- Always check and update the privacy settings on your social media accounts
- Change your passwords regularly and ensure they include a strong mix of uppercase, lowercase, numbers and special characters
- Do not click on links or open attachments in emails which seem suspicious
*Check out the latest edition of the Public Sector Leaders publication here.
Telephone: 086 000 9590 | Mobile: 072 126 3962 | e-Mail: firstname.lastname@example.org