Hackers have gone phishing
This comes in the wake of this week’s cybercrime attack on eThekwini city manager Sipho Nzuza, which shows how brazen hackers have become.
The city council has confirmed that the suspected fraud was being investigated by their Integrity and Investigations Unit after DA councillor Marlaine Nair brought the matter to its attention.
This week a construction director, who chose to remain anonymous, sent a copy of an email to Nair which was purportedly received from Nzuza in which reference was made to a construction tender.
In the email, the director was asked to contact Nzuza by 10am. When he contacted the person posing as Nzuza, the director was asked to pay R100000 into an account.
Email attacks are often the first point of contact for cyber-criminals who either want to steal information or make direct profit.
Cyber-security strategist Matthew Gardiner for global specialists in email security, Mimecast, said their latest quarterly email security risk assessment report released at the end of last month showed an 80% increase in impersonation attacks from their previous quarterly assessment.
“Targeted malware, heavily socially-engineered impersonation attacks and phishing threats are still reaching employee inboxes.
“This leaves organisations at risk of a data breach and financial loss.
“Our latest analysis saw a continued attacker focus on impersonation attacks quarter-on-quarter.
“These are difficult attacks to identify without specialised security capabilities and testing shows commonly used systems aren’t doing a good job catching them,” said Gardiner.
The Ponemon Institute’s 2018 Cost of a Data Breach study found the average cost of a data breach in the country was R36.5million, increasing from R32m in last year’s report.
When insurance giant Liberty Life was hacked this year, R1.68billion was wiped off its R34bn market value.
Mimecast’s KwaZulu-Natal general manager Paul Stafford, said 92% of cybercrime starts with the email process.
“It is the most pervasive corporate information service. The increase in supply chain fraud targeting payment workflow processes is huge an attack can involve important data being encrypted and then having to pay a lot to get data back.
“There is also the cost of brand damage when news of a cyber attack is released,” said Stafford.
When it comes to personal emails, Alto Africa chief technology officer Oliver Potgieter said cybercrime technology had moved on from the target having to click on links for a hacker to get a password.
He highlighted an email doing the rounds which attempted to blackmail the target who was accused of downloading porn. The email starts with: “I am aware that (actual password) is one of your passwords.”
“Phishing has always been about trying to get your password, now they are leading the email message with your password straight off the bat to establish credibility.
“The password used is actually correct (or was). We believe this password information in these recent instances has been from hacks such as the Ashley Maddison hack of 2015. There is also nothing in this email that causes it to be blocked by normal spam protection, no links, no malware, no attachments,” said Potgieter.
Payment demanded is often in a cryptocurrency such as Bitcoin which cannot be traced.
Director of Nemisa KwaZulu-Natal e-Skills Colab in Durban, Dr Colin Thakur, said many people now had their email on mobile devices and not only their laptops.
Both Thakur and Stafford said cybercrime could be carried out through USB devices, which can be placed close to a person who then presumed it was their own.
“You put it in and every key stroke you do is picked up, whether it’s your password or other critical information.
“When it comes to creating a fraudulent account, the hacker simply has to transpose two letters.
“Your eyes will auto-correct the error and every hacker knows that’s what you’ll do.
“It’s such a basic level of fraud, people don’t believe it can happen, but it does,” said Thakur.