According to INTERPOL’s 2022 Africa Cyberthreat Assessment report, South Africa leads the continent in the number of cybersecurity threats identified.
In 2022, the country had 230 million threat detections in total. In second place was Morocco at 71 million.
Of the 230 million detected threats in the country, 219 million were e-mail-related threats. South Africa also had the highest targeted ransomware and business email compromise (BEC) attempts.
The exploitation of these cyber vulnerabilities within South Africa was further highlighted by Accenture, who identified that South Africa has the third highest number of cybercrime victims worldwide, at a cost of R2.2 billion a year.
The scale of cyber criminality in the country is further evidenced by the fact that the country saw a 100% increase in mobile banking application fraud and is estimated to suffer 577 malware attacks an hour.
The South African Banking Risk Information Centre (SABRIC) reported that “gross fraud losses on South African-issued cards increased by 20.5% from 2018 to 2019” due to CNP fraud and banking malware attacks, positioning South Africa as second only to Russia in this regard.
In fraud cases like this, stolen data from carding scams is auctioned off to the highest bidder or sold within underground forums – meaning unsuspecting victims of credit card fraud in the African region may have their credit card information misused globally following the breach.
Another growing concern for South Africa is cryptocurrency scams, in which threat actors seek to defraud victims of their cryptocurrency. Over the last year, South Africa has recorded two large-scale crypto scams.
The first was a Ponzi scheme where thousands of investors were allegedly scammed out of $588 million in Bitcoin by the company Mirror Trading International in 2020. The second case involved the trading company Africrypt, whose founders allegedly absconded with $3.6 billion from investors in April 2021.
Cryptocurrency scams are quite lucrative in South Africa, which is in the top ten list of countries worldwide where threat actors received the highest volume of cryptocurrency from illicit addresses.
In addition to investment scams, a growing threat in the cryptocurrency space is that of wallet phishing, where threat actors utilize false or misleading advertisements, imposter domains, fake wallets or decentralized finance platforms to obtain a victim’s cryptocurrency wallet private keys, thus enabling them to steal funds from the victim’s accounts.
According to the report, South Africa was also the country most heavily affected by targeted ransomware in the first quarter of 2021, with a variety of families such as Crysis, Nefilim, Ryuk, Clop, and Conti ransomware noted in the attacks. Egypt was the next hardest-hit country with a similar profile of targeted ransomware detection, while Tunisia was the third most affected country.
With an internet penetration rate of over 70%, it would seem as though the large number of South Africans online provides an opportunity for cybercriminals to take advantage of unsuspecting internet users.