By
Digital Editor
2 minute read
07:10

Rise in number of phishing victims

By Nompilo Kunene

Phishing e-mails ask users to click on a link in the e-mail which will direct users to a site designed to fool users into thinking that it is legitimate.

The public has been urged to stay vigilant to avoid falling prey to phishing scams.

This is after a noticeable increase in phishing scams occurred after the Black Friday sales and during the festive season.

Explaining what phishing scams are, Nischal Mewalall, South African Banking Risk Information Centre (Sabric) CEO, said phishing e-mails ask users to click on a link in the e-mail which will direct users to a “spoofed” website — a site designed to fool users into thinking that it is legitimate to obtain, verify or update contact details or other sensitive financial information.

The spoofed website will look almost identical to that of a legitimate or a well-known financial institution. Phishing e-mails, which are a form of spam e-mails, are typically sent in large numbers to consumer e-mail accounts. The criminals send them in the hope of tricking recipients into disclosing their personal information in bogus online platforms on the spoofed websites. All it takes is a few duped individuals to make phishing a profitable business for cybercriminals.

She said that the fault is usually not with the bank’s technology, but with the human factor. “Scam artists are highly skilled at using social engineering, and they use this to manipulate their victims to extract the information necessary to commit most fraud-related crimes.

Criminals are always looking for ways to exploit digital platforms to defraud victims, but the mitigation strategies deployed by banks are very robust, so it is easier to target people, as they are the weakest link.

Tips on avoiding falling victim to phishing scams:
• Do not click on links or icons in unsolicited e-mails.
• Do not reply to these emails. Delete them immediately.
• Do not believe the content of unsolicited emails blindly. If you are worried about what is alleged, use your own contact details to contact the sender to confirm.
• Type in the URL (Uniform Resource Locator or domain names) for your bank in the internet browser if you need to access your bank’s webpage.
• Check that you are on the authentic/real site before entering any personal information.
• If you think that your device might have been compromised, contact your bank immediately.
• Create complicated passwords that are not easy to decipher and change them often.