As COVID-19 spread throughout the globe, a clarion call was answered by cybercriminals and we saw a notable uptick in the amount of cybercrime.
South Africa was not immune to the attempts of cybercriminals to get them to part ways with their money, and we now have a bit of a better idea of how costly those attempts were.
Data gathered by Toluna research agency on behalf of Kaspersky reveals that the average cost of banking fraud in South Africa between January and June 2020 amounted to $47 per incident or R763.
While that figure is quite low, it’s important to note that this is an average and many South Africans likely lost a lot more.
What we found fascinating, however, was how cybercriminals managed to convince folks to part ways with their money.
In 40 percent of the cases respondents said the correct name and surname of the person they called. Even scarier, 20 percent of respondents said that the criminals knew their bank card credentials.
This is, in truth, not all that surprising.
Dark web marketplaces often sell massive databases containing oodles of information gleaned from a variety of hacks that have taken place over the years. Add a bit of social engineering thanks to social media and humanity’s urge to keep a running timeline of our lives for anybody to see, and you have a spear-phishing campaign just waiting to be executed.
As for the attack surface, Kaspersky reports that in 74 percent of cases, the fraud took place over the phone. Particularly noteworthy is that these calls took place during office hours between 11:00 and 16:00, Monday to Thursday.
Perhaps criminals think that placing a call in the middle of the day will increase their chances of successfully conning a person.
“Financial scams continue to grow, in particular the share of those who faced financial malware in the first three quarters of 2020 nearly doubled in comparison with the previous year in South Africa,” explains head of Middle East Research Centre at Kaspersky’s Global Research and Analysis Team, Amin Hasbini.
“Unfortunately, many people still do not know how to recognise criminals and lose money as a result of simple scam schemes. In case of a phone scam it’s better to end the conversation and call the bank’s official number should there be any suspicion,” Hasbini added.
Should you find yourself on a call with a person claiming to be your bank and the call feels suspicious, hang up and call the bank directly using numbers you can verify such as the one on the back of your bank card.
Never give out your CVV code and never ever give out SMS codes sent through for multi-factor authentication.
You might also want to invest in a security solution for your smartphone just to be safe.
[Image – CC 0 Pixabay]