‘Be vigilant’ warns CEO after losing R300k in email scam

Goliath and Goliath CEO Kate Goliath is encouraging small businesses to ramp up security measures after her comedy and entertainment agency fell victim to invoice intercepting as a result of email hacking.

Goliath and Goliath is out of pocket of more than R300 000, while its subsidiary The PR Bailiff, has been scammed out of R20 000.

The hackers gained access to the company’s emails and requested clients to make payments to a different bank account.

Goliath told Fin24 that small businesses shouldn’t just rely on tech companies to educate them about cybercrime. 

“Find out as much information about how hackers get into the systems so that you are aware of what service providers need to offer,” she said.

“Be vigilant. Protect your business and insure the technical side of your business as well.”

The company opened a case with the police and is in the process of sending a subpoena to the bank where the funds have been deposited.

Afrihost said it will work with the police to further investigate the incident. “We strongly believe this was a case of phishing,” a representative told Fin24.

Entertainment and media high risk for cyber crime

“We have noticed that some banks are posting warnings before a client makes a payment to verify that the bank details they’re using are correct. We assume that this is because of an increase in these types of phishing attacks.”

Cyber incidents rank top in the entertainment and media, financial services, technology and telecommunications industries, according to the Allianz Risk Barometer 2018.

The report revealed that cyber incidents remain a top threat with 38% of responses for South African businesses, which is reported to lose billions of rands a year to cyber attacks.

Craig Rosewarne, Managing Director at Wolfpack Information Risk, which is a threat intelligence firm that specialises in understanding and predicting cyber threats, said small and medium businesses are just as vulnerable as big businesses when it comes to hacking.

“Their challenge however is that security is often the last thought until they get stung and end up either losing a substantial amount of money or leaking their customer’s sensitive data,” he told Fin24.

Wolfpack has assisted many small and medium sized businesses whose invoices have been hacked, said Roseware. In this regard it has found three common causes:

1. Attackers will perform reconnaissance on key individuals in IT / Finance / Execs and send a targeted spear phishing email to target their machines for access or further information

2. Spyware is loaded on their devices that record keystrokes and take screenshots for the attacker

3. Compromising their online hosting / email platform and adding in rules for any email that has the word “invoice” or “payment” – to send a duplicate email to the attacker’s gmail or “burner” account.

Tips for companies

Roseware suggested that companies under attack should conduct an independent risk assessment and obtain guidance on how to mitigate risk.

“Employees should also be made aware of risks and this should be backed up with an information security policy signed by staff and contractors.”

He also stressed the importance of having up to date anti-malware software on all devices that process sensitive information.

Cyber risk is fast becoming the number one risk facing countries, governments and organisations, noted Roseware.

“In all of these scenarios it often boils down to an individual that gets compromised so cyber awareness is key in both your business and personal lives.” — Fin 24

Advertisting

South Africa could use a communist party

The SACP is not building socialism, or even social democracy. Sadly, it has become just another party advancing the politics of patronage

OUTvest ‘fires shots’ at the industry

New offering has all the retirement annuity features, but charges rock-bottom fees

Treasury is still seeking SAA funds

The government has committed an additional R2-billion to the airline, but has yet to pay it out

‘There were no marks on his neck’, Neil Aggett inquest...

The trade unionist’s partner at the time he was detained at John Vorster Square says she now believes his death was not a suicide
Advertising

Press Releases

MiX Telematics enhances in-vehicle video camera solution

The company has launched the gold MiX Vision Bureau Service, which includes driver-coaching tools to ensure risky driver behaviour can be addressed proactively and efficiently.

Boosting safety for cargo and drivers

The use of a telematics system for fleet vehicles has proved to be an important tool in helping to drive down costs and improve efficiency, says MiX Telematics Africa.

Silencing the guns and firearms amnesty

Silencing the guns and firearms amnesty

Gender-based violence is an affront to our humanity

Gender-based violence is an affront to our humanity

UK-Africa investment summit 2020: Think Africa Invest SA

UK-Africa investment summit 2020: Think Africa Invest SA

MTN unveils TikTok bundles

Customised MTN TikTok data bundles are available to all prepaid customers on *136*2#.

Marketers need to reinvent themselves

Marketing is an exciting discipline, offering the perfect fit for individuals who are equally interested in business, human dynamics and strategic thinking. But the...

Upskill yourself to land your dream job in 2020

If you received admission to an IIE Higher Certificate qualification, once you have graduated, you can articulate to an IIE Diploma and then IIE Bachelor's degree at IIE Rosebank College.