In 2020, the Covid pandemic caused a global shift to remote and hybrid work, forcing organisations and individuals to pivot the way they operate practically overnight — with little to no preparation. People have found through the chaos to download Zoom and upload masses of personal information on the internet daily. And where most saw a crisis, cybercriminals saw an opportunity.
South Africa’s well-developed financial infrastructure makes us an attractive target, and we are now the third-highest globally for the number of cybercrime victims, with an annual cost of R2.2 billion.
Practically, what can you do to avoid being the next victim? Juta looked to key players in the industry for key points to keep your money, your identity, and your data safe
Stay Up To Date
We are talking about your software, not just your awareness! Cybercriminals are most likely to exploit flaws to access your systems and information, so regular updates, firewalls, and software upgrades minimise these opportunities.
- Firewalls: the first line of cyber defence, they block connections to unknown or bogus sites and prevent viruses and hackers
- Antivirus software: prevents viruses from infecting your computer by installing and regularly updating anti-virus software
- Application and OS (operating system) updates: these are for laptops and mobiles, and new updates and upgrades will have the newest developments to counteract cybercriminals
Smack down That Pop-Up
Beware of fraudulent emails, text messages, or pop-up windows that ask you to enter any sensitive information. Rather open your browser and visit the site directly – you might find a warning from your laptop as you do this. If you still aren’t convinced, then contact the company or entity that supposedly messaged you.
Legitimate companies will never ask you for your login information through an email!
We all want passwords that are easy to remember, but birthdays and exclamation marks will make you a vulnerable target!
- Passwords should be at least eight characters
- Include a combination of letters, numbers and symbols
- Use a password manager that will assign and store unique, encrypted passwords for different sites for you – you don’t need to remember the password and since it isn’t stored on the site a hacker won’t get it!
- Change passwords every six months or whenever you think you might be compromised
- Use two-factor authentication (e.g. text messages) or biometrics (fingerprints)
- Try not to use the same password across platforms
Make a VPN your internet VIP
Secure your internet network with a strong encryption password and a VPN (virtual private network) – VPNs will encrypt all the traffic until it reaches the final destination. This means that if cybercriminals do hack your communication line, they will only intercept encrypted data and you can rest assured you are being neither tracked nor breached. It is an essential internet tool that provides the best quality of security.
Use a VPN whenever you have a public Wi-Fi network, whether it’s in a library, hotel, airport or café.
Be Social Media Savvy
We know this sounds far-fetched but revealing personal information like your maiden name or favourite pet can expose the answers to common security questions. Keep your private information just that: private! Social engineering cyber-sleuths can easily access this information, so the less you share, the safer you’ll be.
Keep Your Identity
Your personal information can be used by criminals to assume your identity and acquire retail or bank accounts, or even defraud your insurance, medical aid, or UIF. Sometimes they impersonate you and use social engineering to access your bank accounts.
Because some personal information such as your identity number cannot be changed readily, and other personal information such as your home and work addresses are impractical to change, SABRIC (the South African Banking Risk Information Centre) recommends the following precautionary measures when you are required to provide personal information for security verification purposes:
- Do not use any information that may have been compromised. Rather use other personal information that you have not used previously to confirm your identity in future.
- Register a new email account. Implement dual authentication for all accounts and products, especially for financial services products.
- Register for SMS notifications to alert you when products and accounts are accessed.
- Conduct regular credit checks to verify whether someone has applied for credit using your personal information and if so, advise the credit grantor immediately.
- Investigate and register for credit related alerts offered by credit bureaus.
- Check your bank statements regularly.
Defend Your Data
Critical or sensitive data such as financial records or SARS returns need to be protected, for example with encryption. Make regular backups for your essential data and store it in another location.
Know what to do if you become a victim of cybercrime
If you DO become a victim of a cybercrime, you must inform relevant authorities as soon as possible – this is vital even if the crime seems minor.
- Contact the banks and companies where the fraud occurred
- Place fraud alerts and get your credit reports
- Report the crime to https://cybercrime.org.za/reporting
- Report it to the nearest police station
Also, if you have received what you think is a scam message, e-mail it to firstname.lastname@example.org and it could appear on the website to warn other potential victims.
DID YOU KNOW?
South Africa has just released the Cybercrimes Act, which Director-General in the Department of Justice and Constitutional Development and South Africa’s former Cyber Envoy to the United Nations, Advocate Doctor Mashabane, describes South Africa’s Cybercrimes Act as ‘a groundbreaking and decisive step in the country’s cyber governance and policy space.’
Together with the Protection of Personal Information (POPI) Act 2020, which will be in full effect after 30 June 2021, the new cyber law is a key part of South Africa’s armoury in the fight against cybercrime.