CAPE TOWN – Clothing retailer Superbalist warned South Africans on Twitter about a new phishing scam that is targeting customers via SMS and email.
Customers were sent fake emails from scammers requesting them to update their credit card details via a link.
In a tweet, the company noted that a “few” of its customers have been targeted by the scam.
❗ PHISHING SCAM UPDATE❗— Superbalist.com (@superbalist) February 26, 2019
We are working with the relevant authorities to fully investigate the phishing scam – which affected a limited number of customers late on Sunday and early Monday.
The company also stated that it would never request you to update credit card details via an email or SMS so anything of this nature should immediately be deleted.
The domain has been blocked and we are investigating further. Please note that Superbalist would never request you to update credit card details via an email or SMS so anything of this nature should immediately be deleted.— Superbalist.com (@superbalist) February 25, 2019
Commenting on the issue, Security Specialist at Mimecast, Heino Gevers said that the recent Superbalist scam is another example of just how easy it is for end users to fall victim to simple phishing attacks.
Gevers said: "While Superbalist is warning victims via their social channels, it’s clear that average users still don’t fully understand how phishing scams work and how to spot a malicious email or SMS. User awareness remains a huge concern and one that needs to be rectified urgently."
"Individuals need to understand the consequences of clicking on harmful links and why they should never hand over confidential data when prompted via email or SMS. While a few individuals were the unfortunate victims of this particular scam, many could be employees in your organisation and this lack of cyber awareness could have devastating consequences for your business."
"Awareness training needs to be made a priority in your organisation and if your employees are constantly educated on all types of threats, they will think twice before clicking on harmful links and exposing your business to data or financial loss," said Gevers.
BUSINESS REPORT ONLINE