Posted on December 07, 2015
What is cybercrime?
Cybercrime includes all criminal activities carried out by means of computers or the Internet. It has many forms and includes online identity theft, financial fraud, stalking, bullying, hacking, email spoofing, information piracy and forgery, and intellectual property crime.
The online black market is said to have become more profitable than the illegal drug trade, with a wide range of cyber-criminals selling malware, toolkits and data records that enable their customers to launch fairly elaborate and advanced cyberattacks.
The IT security market is growing along with these threats, with security providers trying to keep up with each new cybercrime trick. However, as security tools improve and it becomes more difficult to penetrate the perimeter of institutions’ networks, hackers are focussing more and more on the weak link – unsuspecting humans who can be enticed and cajoled into cooperating willingly, unintentionally and unknowingly. Victims of cybercrime stand to lose substantial volumes of money and data; and their privacy, reputation and even personal safety may be compromised.
Financial fraud
As banking scams account for a significant portion of online financial fraud in South Africa, they will be used as an example to illustrate how this type of cybercrime is executed.
The scam usually starts by getting the targeted victims to surrender their online banking passwords and login details via a phishing email or phone call. To make the phishing attempt more authentic, the criminals behind the attack may use personalised data collected from information that is freely available on the Internet, especially on social media such as Facebook and Twitter.
To complete the attack, a SIM swap is done on the victim’s cell phone account, either through identity theft or with the collaboration of an employee working for a cell phone service provider. Once this has been done, the fraudster can go ahead and empty the victim’s bank account.
Other types of cybercrime (eg advance fee scams, selling of non-existent products, non-existent lotto winnings, non-existent inheritances in a foreign country) follow a similar pattern. An email is sent to hook the unsuspecting victim, and then very clever manipulation techniques are used to extract money from the victim.
Malware
In addition to phishing, criminals sometimes use malware, such as keylogging software or software that enables remote access to a user device, to collect passwords and other information from personal computing devices. The malware infection may have happened when a person opened an email attachment, clicked on a download or advert on the Internet, or simply visited a website infected with malware that attacks visitors. Fraudsters may also call the targeted victim by phone, claiming that a problem on the person’s computer was identified and offering to solve the problem. Such help is offered by way of remote access to the victim’s computer which, once given, is then used to plant malware on the device.
A very dangerous type of malware that is on the rise is called ransomware. If this is installed on your device, it will encrypt all your data files and then request a ransom to be paid in exchange for the encryption key. Victims have the choice to either pay the ransom or to lose all the data on their computer.
Other types
For other types of cybercrime, visit http://en.wikipedia.org/wiki/Cybercrime.
For more detailed tips and advice, read ‘The cybercrime survival guide’ by Wolfpack Information Risk and available at http://www.wolfpackrisk.com/publications/
Victims of financial fraud will notice unexpected payments from their bank accounts. Keep an eye on your monthly statements and look for unusual or unauthorised transactions or behaviours.
Malware infections are more difficult to identity. The following may be signs of such infections:
More information on this topic is available at
If you become a victim of any type of cybercrime, you should report it to the South African Police Service.
The following websites have more information on reporting cybercrime, general crime, software piracy, scams, and spam:
Listed below are some other websites with very valuable information on cybercrime and protection against cybercrime:
This is an awareness portal intended for informational purposes. The site provides access to relevant and trusted local and international resources aimed at educating individuals at all levels. The site also features help for reporting suspected illegal activities. Cybercrime.org.za is part of an independent, non-commercial initiative borne out of the need, identified over the past decade, to pool resources to address the criminal exploitation of ICT in South Africa and Africa at large. (See ISC AFRICA.)
This website is run by the US federal government with the objective of helping people to be safe, secure and responsible online. It contains information on scams to be avoided, how to secure your computer, how to protect children online, how to use public Wi-Fi networks, etc.
The SANS Institute was established in 1989 as a cooperative research and education organisation. It focusses on technical computer security training and certification, but also recognises the need of awareness training for non-technical individuals to ensure information security across an entire organisation. ‘OUCH!’ is the SANS security awareness newsletter for the common computer user. Each issue focusses on and explains a specific topic and provides steps people can take to protect themselves, their family and their organisation. The link above points to the newsletter archive.
A list of websites that can assist South African users with information on cybercrime and related internet safety.
Copyright © University of Pretoria 2024. All rights reserved.
Get Social With Us
Download the UP Mobile App