‘Be vigilant’ warns CEO after losing R300k in email scam

Goliath and Goliath CEO Kate Goliath is encouraging small businesses to ramp up security measures after her comedy and entertainment agency fell victim to invoice intercepting as a result of email hacking.

Goliath and Goliath is out of pocket of more than R300 000, while its subsidiary The PR Bailiff, has been scammed out of R20 000.

The hackers gained access to the company’s emails and requested clients to make payments to a different bank account.

Goliath told Fin24 that small businesses shouldn’t just rely on tech companies to educate them about cybercrime. 

“Find out as much information about how hackers get into the systems so that you are aware of what service providers need to offer,” she said.


“Be vigilant. Protect your business and insure the technical side of your business as well.”

The company opened a case with the police and is in the process of sending a subpoena to the bank where the funds have been deposited.

Afrihost said it will work with the police to further investigate the incident. “We strongly believe this was a case of phishing,” a representative told Fin24.

Entertainment and media high risk for cyber crime

“We have noticed that some banks are posting warnings before a client makes a payment to verify that the bank details they’re using are correct. We assume that this is because of an increase in these types of phishing attacks.”

Cyber incidents rank top in the entertainment and media, financial services, technology and telecommunications industries, according to the Allianz Risk Barometer 2018.

The report revealed that cyber incidents remain a top threat with 38% of responses for South African businesses, which is reported to lose billions of rands a year to cyber attacks.

Craig Rosewarne, Managing Director at Wolfpack Information Risk, which is a threat intelligence firm that specialises in understanding and predicting cyber threats, said small and medium businesses are just as vulnerable as big businesses when it comes to hacking.

“Their challenge however is that security is often the last thought until they get stung and end up either losing a substantial amount of money or leaking their customer’s sensitive data,” he told Fin24.

Wolfpack has assisted many small and medium sized businesses whose invoices have been hacked, said Roseware. In this regard it has found three common causes:

1. Attackers will perform reconnaissance on key individuals in IT / Finance / Execs and send a targeted spear phishing email to target their machines for access or further information

2. Spyware is loaded on their devices that record keystrokes and take screenshots for the attacker

3. Compromising their online hosting / email platform and adding in rules for any email that has the word “invoice” or “payment” – to send a duplicate email to the attacker’s gmail or “burner” account.

Tips for companies

Roseware suggested that companies under attack should conduct an independent risk assessment and obtain guidance on how to mitigate risk.

“Employees should also be made aware of risks and this should be backed up with an information security policy signed by staff and contractors.”

He also stressed the importance of having up to date anti-malware software on all devices that process sensitive information.

Cyber risk is fast becoming the number one risk facing countries, governments and organisations, noted Roseware.

“In all of these scenarios it often boils down to an individual that gets compromised so cyber awareness is key in both your business and personal lives.” — Fin 24

Subscribe to the M&G

These are unprecedented times, and the role of media to tell and record the story of South Africa as it develops is more important than ever.

The Mail & Guardian is a proud news publisher with roots stretching back 35 years, and we’ve survived right from day one thanks to the support of readers who value fiercely independent journalism that is beholden to no-one. To help us continue for another 35 future years with the same proud values, please consider taking out a subscription.

Related stories

Beware, the cybervirus criminals want you

During times of crisis, people turn to trusted sources for accurate information. This leaves them vulnerable to cybercriminals

Robby Collins: The Son of Carol gets personal

Drawing inspiration from his personal experiences, comic Robby Collins is landing knockout punches to the nation’s collective funny bone

Cybercriminals thrive on silence

A draft Bill aims to bring the growing threat of cybercrime into the open and provide the legal means to fight it.

Beware of World Cup live streaming

Looking for live broadcasts of the 2014 Fifa World Cup on the internet can cost money or leave a malicious programme on your computer, experts warn.

The botnet that stole two-million passwords

Researchers have uncovered information about a botnet found to have stolen two-million passwords from social networks and other online services.

Cybercrime ‘national crisis’ costing SA R1b a year

Experts say South Africa's "paper thin" law enforcement has made the country fertile ground for cybercriminals, a problem that is costing SA billions.
Advertising

Subscribers only

SAA bailout raises more questions

As the government continues to grapple with the troubles facing the airline, it would do well to keep on eye on the impending Denel implosion

ANC’s rogue deployees revealed

Despite 6 300 ANC cadres working in government, the party’s integrity committee has done little to deal with its accused members

More top stories

The Nigerian government is killing its citizens — again

‘Nigeria kills its people. Nigeria has always killed its people.’

Finance probe into the Ingonyama Trust Board goes ahead

The threat of legal action from ITB chairperson Jerome Ngwenya fails to halt forensic audit ordered by the land reform minister

Ailing Far East Rand hospital purchases ‘vanity’ furniture

Dr Zacharia Mathaba, who purchased the furniture, is a suspected overtime fraudster and was appointed as Gauteng hospital chief executive despite facing serious disciplinary charges

Institutions of higher learning should commemorate their casualties

The bust of Matikweni Nkuna at Tshwane University of Technology is an example of how we should honour those who fought for equal access to education
Advertising

press releases

Loading latest Press Releases…

The best local and international journalism

handpicked and in your inbox every weekday