Opportunistic cyber criminals are using COVID-19 to target people with scams, malicious websites and phishing attacks.
Cyber experts say South Africa has seen a rise in attacks on digital networks since President Cyril Ramaphosa declared the pandemic a national disaster.
Since the COVID-19 global pandemic, cyber criminals have been preying on people with innovative scams suited to the current environment.
Fraud Examiner Mario Fazekas says the scams include malicious websites and spam emails.
“There’s a few thousands that have popped up everywhere with the name coronavirus and when people visit the sites it has got the lock icon and says https but that doesn’t mean the website is secure. All it means is your connection to the site is secure and then they offer you documents that you can download and malware comes with those documents.”
He has warned people not to reply or click on unknown links in emails or Whatsapp messages.
“People are receiving emails with messages such as ‘Free home testing kits, or Masks and hand sanitszers for free. All you have to do is pay the postage.’ So, you pay the postage and you wait forever because nothing is going to arrive. The other things they are offering is paid videos with a cure because people are panicking now. They see these things and sign up, pay the money, watch the video, but all it tells you is to wash your hands, use sanitisers, masks, gloves. Another thing is fake charities. They want you to pay money.”
Fazeka says some use phishing scams where you get links that appear to come from authentic organisations or government departments. However, he says those links usually contain dangerous attachments.
Senior Lecturer in Digital Transformation at the University of Stellenbosch’s Business School Dr Martin Butler says the COVID-19 global pandemic, which has forced millions of office workers to work remotely, has created a “perfect storm” for cyber criminals seeking to exploit the crisis.
“From about 30 000 a day to 300 000 a day and then it dropped to 200 000 per day. It’s literally a magnitude increase in attempted attacks. Many of these attacks are brute force attacks, which means it’s just a sophisticated algid, which means they are just guessing your password.”
Butler has advised people to ensure their networks are secure and that they have a strong password. He says its not just one’s privacy that’s at stake criminals could be after your money or intellectual property.
“Quiet often, they would try for financial gain. They would see if they would compromise the credentials for people to log in anywhere and then use that for fraudulent money transfers. That’s more your individual cybercrime groups. When you are looking at rogue states and state actors, they quiet often try to steal your intellectual property. So they would see if any of the documents would be of any value to them. If you transmit documents online and it is documents with important intellectual property, then that’s actually looking for trouble.”
Security tips include using strong passwords, not sharing passwords, avoiding unprotected or public WiFi and making use of multi-factor authentication where possible.