Biggest online threats in South Africa

Phishing, online shopping scams, and mobile malware are among the biggest online threats to South African residents, with attempts to install cryptocurrency miners on users’ devices also being fairly common in the country.
This is according to Kaspersky principal security researcher David Emm, who told MyBroadband that web threats, in general, are often made possible by end-user vulnerabilities, web service developers, and web services themselves.
“Regardless of intent or cause, the consequences of a web threat may damage both individuals and organisations,” he said.
He noted that between July and September 2024, South Africa ranked 28th in the world in terms of the risk of being attacked by web-borne threats.
According to Emm, Kaspersky products blocked nearly 3.4 million different Internet-borne threats on computers connected to the Kaspersky Security Network in South Africa.
“Overall, 23.8% of users were attacked by web-borne threats during this period,” he said.
Phishing and scam websites are on the rise on a global scale, with Kaspersky’s anti-phishing system blocking more than 709 million attempts to access such sites in 2023, a 40% increase compared to the year before.
Emm explained that South Africans should beware of phishing messages, which typically take the form of fake notifications from banks, providers, payment systems, and other organisations.
These messages try to coerce the recipient to provide or update their personal data urgently, usually through a fraudulent link or by asking them to respond directly to the message.
Online shopping scams are also a major threat, with online stores being the most targeted category in 2023.
According to Kaspersky’s global financial cyber threats report for 2023, malicious actors presenting themselves as legitimate online stores account for 41.65% of all financial phishing pages.
“Fraudsters impersonated popular online store websites, such as Amazon, eBay and Shopify, as well as brand websites and popular streaming services, such as Spotify and Netflix,” said Emm.
“Consumers in South Africa can be susceptible to such scams and must be vigilant.”
A rapidly growing online threat in South Africa relates to mobile cybersecurity. In 2023, mobile threats in South Africa increased by 104% over the previous year.
Emm noted that Kaspersky data shows that mobile threat detections in the Middle East, Turkey, and Africa region increased by 22% year-on-year in 2023.
“Among the most prevalent mobile threats that were detected on mobile devices in the Middle East, Turkiye and Africa region were adware, spyware, and mobile banking trojans,” he said.
“Spyware can steal data from an infected smartphone, a list of contacts and user account information on the device, documents, and also record from a device’s microphone upon command.”
He added that another form of malicious software, adware, may seem harmless. However, it can spam users with ads, drain battery life, or access sensitive data in some scenarios.

Protecting yourself online
Emm highlighted a multitude of proactive measures that users can take to avoid falling victim to various types of cyber threats, including keeping software up-to-date, verifying URLs and senders, and being generally aware of the threats that are out there.
Regarding phishing attempts, Kaspersky recommends that users only open emails and click links when they are sure they can trust the sender.
Moreover, if the sender is legitimate but the content of the message seems unusual, it is best to contact that person via an alternative means of communication to verify that they sent the message.
To prevent yourself from falling victim to online shopping scams or phishing pages posing as popular retailers, it is critical that you look at the URL closely to ensure there are no mistakes that may be hard to spot at first glance.
“If you have any doubt, don’t click the link; instead type the address yourself using the known, trusted URL for that online service,” said Emm.
Regarding software downloads on computers or mobile devices, only download programs or applications from official stores or the vendor’s website.
“Apps from these markets are not 100% failsafe, but at least they get checked by the moderators and there is some filtration system — not every app can get onto these stores,” said Emm.
Furthermore, it is important to check the permissions granted to apps on your devices and to think carefully before providing apps with high-risk permissions, such as Accessibility Services.
Kaspersky also recommends that users install a comprehensive security solution and make use of strong passwords and password managers.