At the South African leg of the IDC Security Roadshow taking place today in Johannesburg, Dmitry Galov, Head of Russia and CIS Unit, Global Research & Analysis Team (GReAT) at Kaspersky, will share insights into the process of how cyberattacks emerge and evolve, with the focus on initial access techniques.
“Cybersecurity is center stage for organisations in South Africa and sub-Saharan Africa,” says Jonathan Tullett, Associate Research Director, IT Services, sub-Saharan Africa at IDC. “We see growing rates of breaches and increasing severity and damaged experienced by victims. Despite economic headwinds, CIOs are increasing security investment with key outcomes including improved visibility, faster and more automated response to security incidents, reducing the attack surface area of vulnerable systems, identity management and cloud security.”
Recent Kaspersky research has highlighted that phishing remains the top initial access vector for security incidents. According to the Spam and Phishing in 2022 report, Kaspersky's anti-phishing system thwarted over 500 million attempts to access fraudulent Web sites globally in 2022. In Africa, we see that this type of threat is growing over time: Q2 2023 saw 2.5 times more (153% increase in South Africa and similarly 145% in Kenya and 125% in Nigeria) phishing detections in comparison with Q1.
Galov will highlight the adaptability of cybercriminals using examples of local scams such as those tied to the tax season in South Africa. One such prevalent scam is an email masquerading as a notification from SARS, urging recipients to view an 'account in arrears'. The tax authority has since warned taxpayers about this scam, and Galov echoes this advisory for extreme caution this tax season.
Example of a phishing email targeting unsuspecting South African taxpayers
"Phishing is one of the most prevalent and pernicious threats in the cybersecurity landscape. Being the gateway to many of the worst cyber threats, phishing pages are the first step in a long chain of events that can result in identity theft, financial loss, and reputational damage for both individual consumers and businesses,” says Galov.
Beyond the tax-related scams, Kaspersky experts have also identified phishing attempts leveraging local banking names, including FirstRand in South Africa and Zenith Bank Nigeria.
Example of a phishing email mimicking correspondence from FirstRand bank
“Phishing remains a dominant and evolving threat, exploiting human vulnerabilities. It’s imperative for individuals and businesses alike to remain vigilant, especially in this digital age where the line between legitimate and fraudulent can blur rapidly,” urges Galov.
To safeguard oneself, Kaspersky experts recommend:
- Always ensuring the credibility of emails and links before clicking through.
- Being cautious with emails from unknown sources asking for personal or banking details.
- Using established security solutions with international threat intelligence capabilities.
- Regularly checking official sources, like SARS, for alerts on ongoing scams.
For the full list of scam and phishing examples affecting SARS, click here.