- South Africa remains one of the top five countries in the world in terms of phishing attack volumes and financial losses.
- Trojan attacks as well as phishing are becoming more sophisticated and advanced.
- With the continued adoption of mobility, cyber-criminals are compelled to move malware to mobile platforms.
South Africa remains one of the top five countries in the world in terms of phishing attack volumes and financial losses, right behind the UK, US, Canada and India.
Moran Adrian, Cyber Solutions Project Manager at RSA, the Security Division of EMC, says that the number of Trojan attacks is increasing, even though we see less commercial malware offerings in the underground forums.
In matters of Phishing, Adrian mentioned the fact that cybercriminals are opportunistic in a sense that they are changing their attack methods seasonally. In South Africa for example, tax season is high risk for many people. Cybercriminals perform phishing attacks on the SARS website, send a fake tax refund advice to the victim, and take the tax refund for themselves.
Similarly, there have been cases of fraud methods especially for the summertime; fake holiday rentals, fake flight bookings and even fake discounts on products which will never be delivered.
Moving forward to Trojan malware advancement, a remarkable trend is account takeover attacks. ”Account takeover attacks are also on the rise; financial losses from these attacks are increasing at about 10%-20% per year” says Adrian. These attacks are designed to take over the victim’s bank account in order to empty it of funds.
With PC malware in mind, mobile malware is on the rise as well. From 2011 to 2012, malware on the Android operating system increased by a staggering 35,000%. “This is a real threat – as it took Android malware only 4 years to reach volumes that took PC-based malware almost 14 years to achieve” Adrian says. “The malware primarily consists of premium number abusing, adware and data stealers.”
Another emerging threat is Hacktivism which started gaining momentum in 2011. Hacktivism become a major disruptive threat and a digital outlet for expressing controversial opinions. Hacktivists generally aim to disrupt business causing either direct or indirect financial losses, and of course reputational damage. Their tool of choice is DDoS (Distributed-Denial-of-Service) capable of bringing down websites for hours, days and sometimes weeks. They are also known to publish personal data relating to senior executives (known as d0xing) and dump large amounts of data from their target’s databases, again in an attempt to disrupt and cause reputational damage.