Surge in email scams

MORE than 90% of SA companies experienced impersonation fraud or suffered from email compromise over the last 12 months.

MORE than 90% of SA companies experienced impersonation fraud or suffered from email compromise over the last 12 months.

Published Apr 9, 2022

Share

Durban - More than 90% of SA companies experienced impersonation fraud or suffered from email compromise over the last 12 months, while 97% of companies highlighted that their lack of cyber resilience was due to a lack of funding.

These are some of the findings in the latest ’State of Email’ security report released by cyber security specialist Mimecast, which warned that email attacks were on the increase.

The Hawks and US Secret Service led an operation last week which netted seven suspects who were charged with fraud and money laundering in Johannesburg’s Palm Ridge commercial crimes court.

The group was arrested last Thursday after police raided a number of properties across Johannesburg. They were suspected of defrauding a US-based mental health institute out of millions through a business email compromise (BEC) scam.

It is also suspected that the fraudsters used romance scam victims to divert the stolen funds to move the money into accounts held by the syndicate.

Hawks spokesperson Brigadier Thando Mbambo said the charges against the seven suspects related to “business email compromise fraud scam allegations”, where money was taken from a US-based entity and moved into South African bank accounts.

A number of vehicles were seized during the arrest including a Mercedes Benz valued at more than R3 million.

Hawks head Lt-General Godfrey Lebeya confirmed that multi-disciplinary teams of different units were working on an international basis to take on cyber crime syndicates.

This included the arrest last year of eight suspects associated with the organised crime group Black Axe.

This week Mimecast cyber security expert Brian Pinnock said: ”Our latest State of Email Security report found that 92% of South African companies experienced impersonation fraud or Business Email Compromise in the past 12 months and 39% saw an increase in this type of attack.

“These attacks are highly targeted and spoof an organisation’s CEO, other executives, employees, customers, vendors, partners and well known internet brands.

“The email asks for money, sensitive intellectual property or login credentials,” said Pinnock.

He added that the research had also found that the business sector can expect “increasingly sophisticated attacks to be their most significant concern, with 55% of respondents saying this would be the biggest email security challenge in the year ahead”.

Advising that companies needed to train employees on how to spot potentially dangerous actions which could lead to an email compromise, Pinnock said: “Nearly half (49%) of South African companies said they experienced business disruption due to a lack of cyber preparedness and 48% suffered data loss.

“A lack of funding is also hampering efforts by security teams to protect companies, with nearly all companies (97%) citing insufficient funding as a reason for their impaired cyber resilience.

“In light of the notable increases in the sophistication of attacks launched by threat actors and the marked growth in volume of such attacks, the matter of building greater cyber resilience should be on the agenda in every boardroom today,” he said.

The Independent on Saturday

Related Topics:

Cyber attackTrue Crime