Thought leadership: Be wary of ‘Coronamania’ cybercrimes during Covid-19
- Recent statistics estimate that cybercrime costs South Africa more than R2,2 billion per year.
- Cybercrimes include phishing attacks, spreading malicious software (malware), and stealing login credentials and credit card details.
- Now more than ever, banking clients need to exercise extreme caution when transacting online during the Covid-19 pandemic.
By Mark Rose
The key industry player, the South African Banking Risk Information Centre (Sabric), has issued warnings to bank clients that cybercriminals are exploiting the spread of Covid-19 for their own gain, using ‘Coronamania’ panic to spread Covid-19 scams.
According to Sabric, these new scams include spoofed emails offering products such as masks, or fake offerings of vaccines, leading to phishing websites. These emails come from seemingly realistic and reputable companies, which manipulate people into clicking on links. Some of these websites prompt the user for personal information, which ends up in the hands of cybercriminals.
Cybercriminals are also using SMS phishing, or smishing, to trick victims into clicking on a link disguised as information on a Covid-19 breakout in their area to steal their credentials. Some claim to provide free masks or masquerade as companies that have experienced delays in deliveries due to Covid-19. Once criminals have the correct level of confidential information about a victim’s bank account, they can impersonate the victim and transact using the correct credentials without authority.
In view of the above, Nedbank shares the following guidelines with business banking clients to safeguard themselves:
- Avoid opening emails and text messages from unknown sources or visiting untrusted websites. Do not click on links or icons in unsolicited emails or SMSs, and never reply to them. Delete them immediately.
- Do not blindly accept the content of unsolicited emails or SMSs as being the truth. If you are concerned about what is being alleged in these messages, please verify the sender’s details through their website before contacting them to confirm the legitimacy of a message.
- If you receive a notification from a supplier or customer stating that their bank account details have changed, verify the new account details before making payment, by using Nedbank’s account verification services. This allows you to verify that the bank account belongs to the correct recipient and is valid, thereby reducing fraudulent redirection of payments and collections.
- Activate notification services on your business bank accounts with Nedbank to receive instant alerts to changes in your bank account balance and status.
- Scrutinise your bank statements regularly for irregular payments and switch to digital statements that can be delivered to your email address daily.
- Use trusted sources, such as government websites, for fact-based updates on Covid-19.
- Do not reveal personal or financial information in any email or SMS, and do not respond to email requests for this information.
- Regard urgent security alerts, offers or deals as warning signs of a hacking attempt.
- If an email makes you feel anxious, fearful, curious or if it sounds too good to be true, rather follow your gut – stop and verify its source before clicking on anything.
- Please forward suspect emails to firstname.lastname@example.org, so that we can deactivate the phishing site. If you suspect fraudulent activities on your account or think you were approached by a fraudster, please report this immediately to +27 (0)860 111 263 or use the ‘Report fraud’ function on the Nedbank Money app. For any questions, please phone our call centre on 0860 775 775 or email DataProtection@Nedbank.co.za.
Mark Rose is Nedbank Business Banking Executive Head: Strategy and New Business Development.
This post and content is sponsored, written and provided by Nedbank Business Banking.