Just because you’re paranoid doesn’t mean they’re not out to get you. This, it seems, is even more so if you live in South Africa.
According to Interpol’s 2022 Africa Cyberthreat Assessment report, South Africa leads the continent in the number of cybersecurity threats identified. Last year, the country had 230 million threat detections in total. Of these, 219 million were email-related. South Africa also had the highest targeted ransomware and business email compromise attempts.
When the financial impact of cybercrime is looked at on a global scale, a 2023 report on The State of Email Security released by Mimecast – a company specialising in cloud-based email management – found cybercrime is expected to cost $8 trillion.
The study, which surveyed 1 700 chief information security officers and other information technology professionals, found that email was the number-one attack vector for cybercriminals. Of all the data breaches, more than 95% were due to human error. These “mistakes” include 80% poor password hygiene (80%), misuse of personal email (78%), oversharing of information on social media (77%), careless or inappropriate use of smartphones (75%), and careless or inappropriate use of collaboration tools (75%).
Justin Westcott, the chief technology officer at DataGr8, says humans are prone to making mistakes, whether it’s choosing weak passwords or falling for scams online.
“Even the most tech-savvy individuals can make errors under certain circumstances or succumb to momentary lapses in judgement. Recognising our own fallibility allows us to be more cautious and vigilant when it comes to protecting ourselves online,” he says.
The South African-based company provides data-focused technology and services to customers across Africa.
More recently, it branched out into Terranova Security, a cybersecurity company that provides a comprehensive security awareness training programme to individuals and organisations.
Westcott says the programme is designed to educate individuals on how to protect themselves from various cyber threats.
“Ensuring your personal cybersecurity not only protects you but also helps prevent potential attacks on others. Cybercriminals often use compromised accounts or devices as launching pads for larger attacks against companies or government institutions. By maintaining a strong defence against cyber threats, you contribute to creating a safer digital environment for everyone,” he says.
Growing sophistication
According to the Mimecast report, corporate reliance on email continues to grow at a rate outstripping the surge in email that took place at the outset of the Covid-19 pandemic – with 82% of companies reporting a higher volume of email in 2022, compared with 79% in 2021, and 81% in 2020.
More email has led to more email-based threats. Three out of four (74%) respondents say these have risen over the past 12 months.
While the increasing number of threats is a problem, their growing sophistication poses an even greater danger as cybercriminals continue to refine and adapt their strategies. And criminals don’t even have to be tech-savvy to employ highly sophisticated methods of incursion. Malware kits on the dark web bring the technology to them.
Westcott says cybercriminals are constantly evolving their tactics, preying on human vulnerability to breach personal cybersecurity.
“They exploit our trust, curiosity, and even our ignorance to gain access to sensitive information or wreak havoc on our digital lives.”
He says a factor contributing to human vulnerability in cyberattacks is our reliance on technology.
“We use various devices and platforms for communication, entertainment, and productivity. However, this also means that we leave behind a trail of personal data scattered across different platforms. Cybercriminals can exploit this wealth of information to impersonate us or gain unauthorised access to our accounts.”
Social engineering
A common method used by cyber-attackers is social engineering. Westcott says they manipulate unsuspecting individuals into divulging confidential information or performing actions that compromise their own security.
“For example, phishing emails are designed to look like legitimate messages from trusted sources and trick users into clicking on malicious links or providing log-in credentials. Without proper awareness and education about these tactics, it’s easy to fall for these traps.”
The report found that 90% of corporate security breaches were the result of phishing. Of the estimated 255 million phishing attempts in 2022, 70% of these emails were opened by the recipient. Among all respondents, 80% said they had experienced at least one attack where the threat had spread from one infected user to another.
By some estimates, 97% of users can’t even recognise a crude phishing email when they receive one.
Understanding the role of a human firewall
Damning as these statistics may be, Westcott says there is a very effective solution: becoming a human firewall.
“You are not just a passive victim in this digital landscape; you can actively defend yourself by becoming a human firewall. A human firewall acts as the first line of defence against cyber threats, using knowledge and awareness to identify and thwart potential attacks.”
He says by staying informed about the latest cybersecurity threats and best practices, you can arm yourself with the necessary tools to detect phishing emails, malicious links, or suspicious activities.
“Your ability to recognise these red flags is invaluable in protecting your personal information from falling into the wrong hands.”
He explains this means taking responsibility for your cybersecurity hygiene by:
- regularly updating software;
- using strong and unique passwords for all accounts;
- enabling two-factor authentication whenever possible; and
- being cautious when sharing personal information online.
“By implementing these simple yet effective measures, you significantly reduce the likelihood of becoming an easy target for hackers,” Westcott says.
One of the best ways to ensure emails are safe, is to use Mailwasher Pro.
MailWasher lets you preview all your email before it gets to your computer or mobile device, enabling you to read all your email securely, and instantly delete any unwanted or suspicious email. Your remaining good email is downloaded to your PC or mobile device, so you avoid any spam or email viruses in your PC.
I have no financial interest in this product and promote it because it is so effective.