Online scams risk undermining trust in South African government services
Protecting citizens when interacting with digital government services is quickly becoming a top priority for governments around the world.
The astounding growth of the global cybercrime industry and the perceived ease with which threat actors mimic trustmarks and government services online is prompting governments to implement new measures to protect citizens.
As one of the most developed and highly industrialized economies on the continent, South Africa is an attractive target for the global cybercrime industry. Interpol Africa Cyber Threat Assessment Report 2021 found that South Africa leads the way in all categories of cyberattacks, from digital extortion and online scams to business email compromise attacks.
The Interpol report found that weak networks and lack of security made African countries particularly vulnerable to cybercrime.
And while the South African government has made great strides with new legislation such as the Cybercrimes Bill, additional investigative capabilities and a renewed focus on protecting citizens and critical infrastructure from cyberattacks, threat actors have not stood idly by while we fortify our defenses.
A growing volume of brand impersonation attacks poses a risk to trust between the government and its citizens. Increasingly, citizens need additional protection against threat actors who seek to undermine the trust citizens have in the state and its wide range of essential services.
Overturning Trust in Brands
Mimecast’s threat hunting team has recently detected a resurgence in post office-themed email scams in South Africa. Between May and June, our team found over 100,000 emails impersonating the South African Post.
In one version, an official-looking email claims to have the recipient’s package but requires a small payment to complete delivery. Once users click on the link, they are redirected to a payment site where they are asked to enter their credit card or online payment details, which the threat actor could then use to defraud the victim.
One version of this scam is so convincing that it even asks for the victim’s mobile number and sends a confirmation text to their device, presumably to make sure the person entered legitimate information.
In another example of cybercriminals weaponizing state-owned assets against South African citizens, many taxpayers receive a seemingly legitimate email urging them to click a link to download and respond to a letter or risk a court summons. court.
The link invariably contains some form of malware that can infect their devices and open the door for hackers to gain access to sensitive personal information.
Spoofing attacks wreak havoc on trust
Public sector institutions and public enterprises therefore need additional measures to protect themselves against threat actors who hijack their brands or domains and put citizens at risk.
Mimecast’s 2022 State of Email Security report found that 98% of South African businesses are using or planning to use a brand protection service this year, while 86% are using or have the intend to use DMARC (Domain-Based Message Authentication, Reporting and Compliance) to protect their email domains from spoofing.
The reasons are clear: 87% of South African organizations have been notified of a spoofing attack using a cloned domain or website, with 17% having seen more than 10 such attacks in the year elapsed.
When such attacks are successful, they cause incalculable damage to the trust between the organization and its customers. Research in 2021 found that 83% of South Africans would lose trust in their favorite brand if they leaked information to a spoofed website mimicking that brand, while three-quarters would stop buying from a brand s they were victims of cybercrime while interacting with it. brand online.
Public sector cyber threats raise the stakes
When a private sector organization suffers a spoofing attack, its customers may suffer financial loss or other inconvenience that could see them abandon that organization for a competitor. This can affect revenue and, in the case of listed entities, lead to a decline in share price and loss of business value.
In the public sector, citizens do not always have the possibility to seek alternatives for essential services. For example, the most vulnerable citizens have little choice but to interact with the systems and processes of the South African Social Security Agency to receive their social benefits.
Any subversion of the relationship between grant recipients and the state is likely to seriously affect the most vulnerable and cause a loss of trust in state institutions.
Ensuring that citizens interact securely with public sector organizations is essential to building and maintaining trust. Given the vital developmental and social support roles that the South African state plays, maintaining trust with citizens is of the utmost importance.
Similarly, the importance of state-owned enterprises to South African government revenue and the importance they play in the wider economy means that any disruption in services or damage to trust can have serious adverse effects. negative training.
When citizens do not feel safe using government services or engaging with the state through digital channels, a growing disconnect forms that can undermine government’s ability to support the most vulnerable and deliver services. to citizens.
It is essential that the state invests in appropriate defensive capabilities at multiple levels to help detect threat actors aiming to impersonate public organizations or ministries. Without proper security measures, citizens will be at the mercy of ruthless criminals who will go to great lengths to subvert the hard-earned trust between them and the state.
Moss Gondwe is the Director of Public Sector at Mimecast