CYBER FRAUD
INTERNATIONAL FRAUD AWARENESS WEEK 14 TO 20 NOVEMBER
Monday,15 November 2021 Cyber Fraud
Cyber Fraud is defined by the ACFE as computer aided activity involving a deliberate misrepresentation of fact or alteration of data to obtain or receive something of value that causes financial loss to some person or organization.
On this day, we look at the numerous cyber fraud schemes such Ransomware which is malware that employs encryption to hold a victim’s information at ransom. A user or organization’s critical data is encrypted so that they cannot access files, databases, or applications. A ransom is then demanded to provide access.
IN PHISHING; the fraudster will trick victims into providing information like passwords, account numbers and other sensitive data.
A typical example is where a fraudster will request user access into a system by claiming that he/she is the user who has forgotten his/her password.
A request from a system application asking you to re-enter your PIN to update your account.
WHAT SHOULD YOU DO?
Have a 2 step verification for access into all your digital systems.
WHAT SHOULDN’T YOU DO?
You never click on a link that will ask you to input you personal information such as passwords, PIN any other related data. Especially if it claims to come from your bank.
When job hunting be weary of potential employers who send e-mails from suspicious sites to ask for your personal information as these could be fraudsters.
Be weary of e-mails congratulating you on your winnings or inheritances from deceased relatives requesting that you have to submit your account number so that your money could be transferred.
RANSOMWARE
which is malware that employs encryption to hold a victim’s information at ransom. A user or organization’s critical data is encrypted so that they cannot access files, databases, or applications. A ransom is then demanded to provide access.
In the digital era and paperless environment, all critical data is electronic and saved on a remote server. This solution saves a lot money and protects critical information in an event of a disaster. However, it does come with its own problems.
A fraudster may find a way to lock this data (encryption) so that the organization is unable to open and use these files. A ransom is demanded by the fraudster in order to release such data.
WHAT TO DO:
- Backup data frequently in more that one place and have one copy in unchangeable or undeletable format.
- Run frequent application and software updates.
E-MAIL FRAUD
WHAT SHOULD YOU DO?
- Verify all e-mails requiring action from the source through telephonic communications.
- Double check the e-mail address you are responding to. Please take note that an e-mail maybe mqudalele@ubuhlebezwe.gov.za instead of mmqudalele@ubuhlebezwe.gov.za
- Process payments through a trusted vendor system.
- Delete suspicious e-mails and block the sender.
- Always verify changes to account details of vendors, ideally through personal contact with the vendor.
WHAT SHOULDN’T YOU DO?
- Click on any link requiring to update your software.
- Respond to unsolicited e-mails offering assistance of any kind.
- Do not download content from unknown sources, especially free software or apps.
Note that company logos are used to by perpetrators to fool users. On a lighter note, phishing e-mails are often written in poor English and/or grammar.
Other types of cyber crimes which may not be fraudulent in nature but worth noting include;
¨ Cyber Stalking
¨ Cyber Bullying
¨ Cyber Defamation
These are common on social media networks. Be careful that YOU do not perpetrate these crimes.
OTHER IMPORTANT THING TO DO:
- Change your access codes frequently.
- Do not use the same access code for all your accounts.
- Do not share access codes.
- Do not save your access codes on unused devices.
- Dispose of computers and other digital devices correctly.