South Africa has become a top target of cyber attacks globally
Image: Ron AI
South Africa has become a prime target for global cybercriminals, now ranking as the number one country for ransomware attacks and one of the most vulnerable to data theft.
Experts warn that poor digital hygiene, widespread use of piracy sites, and growing internet access without proper cybersecurity education are contributing to the surge in attacks.
As cyber threats escalate, individuals are not just at risk of personal data breaches; they’re also endangering their contacts, finances, and reputations.
Cybersecurity experts, Dotcom Software Solutions, said that South Africa was the number one target of cyberattacks, with 40% of ransomware attacks and nearly 35% of infostealer incidents.
They urged people to use strong, unique passwords and multi-factor authentication, regularly update all software, be cautious of suspicious links and attachments, monitor their financial statements and credit reports for unauthorised activity, and avoid downloading files or clicking links from untrusted sources.
If a breach occurs, victims are advised to notify financial institutions, change their passwords, consider a credit freeze, and file a report.
Security expert Anthony Boucher from Mike Bolhuis Specialised Security Services, said spotting these sites has become easier than it was in the past. The main giveaway of a phishing website is in the address bar.
"When you look at the domain you will find that the address differs from the original website, in that event you should avoid visiting the website and you definitely should not enter any personal information into the website," he said.
"We always suggest that upon receiving a link where you are directed to enter your information, avoid the link and instead visit the actual website from your browser by searching for the site."
Boucher said that there were initiatives to help people stay safe online; however, he warned that people should not act out of desperation and anxiety when seeking help, as some of these sites appear genuine when they are not.
"There are many initiatives, and some of them have even been reported as scams. The problem with the internet is that people visit it, and they are naive in their perception of the internet and the people who use it. You can not believe something by simply seeing it. It will take me approximately a day to set up an exact lookalike of a Facebook website," said Boucher.
"The site will look and feel like Facebook, and you, as the public, can not visit it and enter your personal information into it simply because it looks legitimate. You have to stay informed of the risks. Information is the most powerful weapon against criminal enterprises."
Boucher also challenged people to stop using piracy sites, not only because it puts their online presence at risk, but also because it also stands to harm their reputations.
"Using websites is the online equivalent of walking through a shopping centre where any type of store is allowed," he said.
"Whether you believe it or not, your online activity is available to the sites you visit, and your online history is too. Be very careful about what you reveal about yourself online."
In light of incidents where people fell victim to clickbait scams and their names and numbers were used to scam their contacts,
Boucher indicated that there are ways people can recover their accounts and further indicated that people should not only worry about their safety but that of their contacts, too.
"There is a way to recover your accounts after a breach, but it is a sophisticated process, and security steps need to be taken to not only avoid being hacked again, but also to secure your information," he said.
"The public needs to realise that by compromising their accounts, they are not only placing themselves at risk but also every contact they have. Therefore, you have a responsibility to ensure the safety of your accounts for your sake and for the sake of the people who trust you."
One victim of such click bait scams, Lehlogonolo Ramontja said: "Before I was hacked, I think I clicked on a link, a supposed Clicks link saying I'm going to win a voucher, then later that day I received an SMS from Vodacom saying a sim card was requested with my number, and to notify them if I didn't request it. I didn't take it seriously because I didn't request anything.
"Then the following day at work, I received a call from my friend telling me I'm hacked, because she knows I wouldn't ask for money through cash send," Ramontja said.
"I was then prompted to check my WhatsApp, and unfortunately, I was logged out, and the perpetrator was busy scamming people under my name. Luckily enough, I have two WhatsApp accounts, one on each phone with a different number, and I wrote one message and forwarded it to all my contacts."
Ramontja had to get a SIM swap but never recovered the WhatsApp number.
The Star