Phishing - and other similar cyber attacks attempting to steal personal information from unwitting end-users under false pretences - is on the rise around the world, and South Africa is in the unenviable position of lying in the top 10 countries targeted by phishing fraudsters.
This is according to findings from RSA’s Quarterly Fraud Report for the first quarter of 2018. RSA is a global cybersecurity leader with consulting and technology solutions that empower firms by providing a holistic view of cybersecurity needs, in order to reduce risk and rapidly respond to incidents.
Anton Jacobsz, managing director at value-added distributor, Networks Unlimited Africa, which delivers the full range of RSA solutions to the local market, says, “When we look at cyber attacks attempting to steal personal information from unsuspecting individuals under false pretences either by e-mail (phishing), phone call (vishing) or SMS text (smishing), we find that South Africa is high up on the list of countries being most targeted, according to this latest report from RSA. The survey presents a well-researched snapshot of the current cyber fraud environment, and as such, businesses of all sizes and types in South Africa should take note that as a country, we are most certainly on the radar.”
During the first quarter of 2018 (1 January to 31 March, 2018), RSA observed several global fraud trends across attack vectors and digital channels. The report highlights the following:
· Phishing accounted for 48 percent of all cyber attacks observed by RSA during this period. Canada, the United States, India and Brazil were the countries most targeted by phishing, with South Africa in tenth place. The Netherlands, Colombia, Spain, Mexico and Germany rounded up positions five to nine. The top phishing hosting countries, in order, were the United States, Russia, India, Australia, Canada, France, Luxembourg, Germany, China and Italy. These two lists show where fraud actors are establishing and maintaining their priorities.
· Financial Trojan horse malware – stealthy malware installed under false pretences, attempting to steal personal user information, accounted for one out of every four fraud attacks.
· Consumer transactions and fraud continue to grow in the mobile channel. In the first quarter, 55 percent of transactions originated in the mobile channel and 65 percent of fraud transactions used a mobile application or browser.
· More than 80 percent of observed fraudulent e-commerce transactions originated from devices that were “new,” meaning unknown to RSA’s Risk Engine at the time of observation.
“As a company, RSA takes a business-focused approach to a company’s cybersecurity strategy, ensuring it is aligned with the company’s strategic objectives to maximise the effectiveness and safety of a company’s digitisation journey. This Q1 RSA report outlines actionable intelligence to consumer-facing organisations of all sizes and types to enable more effective digital risk management.
“For example, the report notes that during this period, RSA detected over 8,000 rogue mobile applications, representing six percent of observed attacks. When you consider that some of these rogue apps will be found in major app stores, disguised as being from legitimate companies, users are reminded that it is critically important to pay attention to the source of the app and what permissions it is requesting. Similarly, the high percentage of phishing attacks outlined in the report shows us that it is possible to counteract these by training employees and other users to be more aware, thereby turning them from a potential phishing liability into part of your organisation’s anti-phishing defences,” concludes Jacobsz.
You can download the RSA Quarterly Fraud Report for the first quarter of 2018 here.