Security software, processes and systems are not enough to beat cybercriminals. They're clever, they're focused and they have time. South Africa is one of only 28 countries to have a cyber-security policy in place, but it is widely criticised. We have been victim to the most cyber-attacks on the continent this year, and we lose in excess of R2.2bn to internet fraud and phishing attacks annually, according to the South African Banking Risk Information Centre. Cybercrime, overall, costs the country around R5.8bn annually. Just recently we’ve seen hackers getting into the accounts of UK mobile users’ accounts to access their bank sort codes and details.
How to keep safe online
The biggest threat to our cyber-security is our own online behaviour, says Eleanor Mitrovich Potter, Consumer Executive at Autopage. "The internet provides incredibly useful tools and it's near impossible not to participate in online activities, but there are no rules of engagement," she says. She uses the analogy of a driver's licence: "First, you get your learner's licence: you study the theory, the rules, the etiquette. Then you go for driving lessons and learn the practical aspects: how to handle certain situations, and you learn to be considerate towards other road-users. You understand that road rules have been developed for the safety of all; that's why you wear a seatbelt, that's why you adhere to the laws of the road. You also understand the consequences of your actions. With the internet, there's none of that." Guest writer, Strato Copteros, speaks more about freedom of speech in South Africa online and how it may be time to watch your words.
It is impossible not to leave a digital footprint and there needs to be greater awareness and greater responsibility for the consequences of our cyber footprint. Words and photos, once posted on the internet, are there forever. Deleting them does not erase them from the cyber cloud, and the results may be far-reaching and the consequences, devastating. We also leave tracks unknowingly and often carelessly, says Mornay Walters, founder and CEO of Seecrypt. "Metadata is quantified and calculated all over the world, and it builds a picture and a story of what we are," he says. "The problem with metadata is that it's data about me and you, collected in the name of law enforcement or commercial value by governments and private companies. They have become punch-drunk on this information: it's the new oil. Data and data mining is the new oil. This information is collected and stored, which is fine. But what if it gets into the wrong hands?"
We provide masses of information willingly and without question. Mitrovich Potter gives the example of checking into a hotel, which had been pre-paid. On arrival, she was asked for her ID and the reception staff wanted to take a copy. "They've verified who I am, I've already paid, why do they need to keep a copy of my ID?" When she escalated the issue, the hotel manager simply responded with: "It's policy." With identity theft on the rise, we need to be sceptical and question these situations for our own security.
Here are Mitrovich Potter's seven tips to protect yourself from cybercrime:
- Protect your phone with antivirus software/apps.
- Consider the consequences of social media posts, both from a reputational and security perspective.
- Only use location services when necessary.
- Change passwords regularly and use alphanumeric characters and symbols.
- Beware of unsecured wi-fi networks - use a Virtual Private Network (VPN) if you must connect.
- Be suspicious of emails from strangers or strange emails from friends - call them to check before you open them and click on links.
- If you shop online, use a secure payment mechanism such as PayPal, rather than providing credit card details to a range of outlets.
Cybercrime, like any crime, will always be a reality. As consumers, it’s up to us to take responsibility and educate ourselves to avoid being soft targets.