Hacked e-mail cause for recent panic in Potchefstroom
"I want to make it clear that we were not compromised in a way that leaked people's personal information, other than their e-mail addresses," Johan Naude states.
Johan Naude, CEO at Cachetpark City Improvement District (CID), recently suffered an attack on his work e-mail address.
Emails were sent from his email address, yesterday 3 April, to over 700 email addresses containing false information and a phishing link.
Johan mentioned that people whom he never had direct e-mail contact with, received the phishing e-mail.
Johan recounts his moments of panic. “I was busy sending e-mails and noticed that none of them are going through. The next moment people started phoning me and sending text messages asking if I sent them an e-mail stating that they owe me money.”
The e-mails contained his CID e-mail signature; the landline and his cell phone number were slightly changed. Johan adds that at first, he thought the hacker copied his signature, but was shocked when he discovered that all the emails were sent from his server.
“I just want to reassure everyone that no private information of anyone involved was leaked. The only information the hacker has, is the e-mail addresses,” Johan stated.
Johan called in the help of Réno Pretorius at Entrutech who contained the situation and started working on a solution and added safety. Réno has been working in the industry for 26 years and is a bottomless pit of information on the topic.
Réno explained phishing as the start of all hacking. “The phishing industry is approximately one trillion dollar per year. All your personal information is being gathered and sold on the dark web.” He adds that according to statistics, South Africa and Africa is the country and continent that is third most affected by cyber-attacks in the world. “We are not educated enough on the subject,” Réno states.
Réno shared advice that should be implemented at businesses as well as your personal life. Réno adds that these safety measures can’t prevent a cyber-attack, but can make it very hard for a hacker to gain access to your information. “If it’s hard to gain access to your information, a hacker is likely to move on and look for an easier target,” Reno stated.
A list of safeguards that Réno advises for technology users:
– Have an antivirus program, and make sure that the program updates continuously.
– Have multifactor authentication on your applications, websites, e-mail accounts, etc. Multifactor authentication refers to two-step authentication processes such as a one-time password (OTP), fingerprint, pins, etc.
– Recommended multifactor authentication applications are Google Authenticator and Microsoft Authenticator.
– All your passwords should be difficult passwords.
– If you are working in a business environment, ensure that your security is set up the right way. You can contact professionals in this field to ensure that this is done.
– Never, ever do online services such as online banking, or anything that needs a password to access on public or open internet or Wi-Fi.
Safeguards specifically for e-mails:
– If you get an e-mail containing a link, do not click on it, even if you are familiar with the sender.
– Before opening a link, hover with your mouse over the link to see if you can determine where the link will lead. See the example below.
– Do not open links in e-mails on your phone as you cannot hover above a link on your phone.
Johan adds that the incident acted as an eye-opener for him and that he wishes for everyone to be educated on the subject so that they can better protect themselves and their businesses.
