2. Contents
1. Understanding the origins and characteristics of South Africa’s most
prevalent cyber crime categories.
2. Phishing.
3. Cyber crime and tax refunds.
4. What to do?
5. Conclusion
PwC 2
3. Understanding the origins and characteristics of South
Africa’s most prevalent cyber crime categories
Cyber crime defined
• “…computer crime encompasses the use of a computer as a tool in the
perpetration of a crime, as well as situations in which there has been
unauthorised access to the victim’s computer, or data. Computer
crime also extends to physical attacks on the computer and/or related
equipment as well as illegal use of credit cards and violations of
automated teller machines, including electronic fund transfer thefts
and the counterfeit of hardware and software.” (Credo and Michels)
• Watney uses the term cyber crime and defines it as all illegal
activities pertaining to a computer system, irrespective of whether the
computer is the object of the crime or the instrument with which the
crime is committed.
• Move in South African law towards the use of the term cyber crime, which is
wide enough to encompass all illegal activities in respect of
computers, information networks and cyberspace.
4. Understanding the origins and characteristics of South
Africa’s most prevalent cyber crime categories
Types of cyber crime in South Africa
• Unauthorised access (s86(1))
• Unauthorised modification of data and various forms of malicious
code (s86(2))
• Denial of service attacks (s86(5))
• Devices used to gain unauthorised access to data (s86(4))
• Computer-related extortion, fraud and forgery (s87)
• Child pornography, cyber obscenity and cyber stalking
• Copyright infringement
• Industrial espionage
• Piracy
• Online gambling
5. Understanding the origins and characteristics of South
Africa’s most prevalent cyber crime categories
The world of cyber crime
• An underground cybercrime economy and cyber black market exists
where the cybercriminal can buy, sell, barter or trade criminal skills,
tools and your private information. You can buy IDs, credit cards
and botnet kits.
• Cybercriminals are now less like hackers and more like offline crime
syndicates, such as the Mafia or urban gangs.
• One can buy a keystroke logger for about $23 or pay $10 to have
someone host a phishing scam, pick up a botnet for just $225, or get a
tool that exploits a vulnerability on a banking site for $740 to $3 000.
(Cybercrime Exposed, Marian Merritt)
• What happened in South Africa…
• “It’s grown to become a flourishing industry with international
syndicates, just like the Mafia” (Pres Jacob Zuma)
6. Phishing
• In the field of computer security, phishing is the criminally
fraudulent process of attempting to acquire sensitive information
such as usernames, passwords and credit card details by
masquerading as a trustworthy entity in an electronic
communication.
• An online scam that uses e-mail to “fish” for users’ information by
imitating legitimate companies. People are lured into sharing user
names, passwords, account information or credit-card numbers.
The phishing e-mail usually contains a link to an illegitimate site.
7. Phishing (cont.)
What statistics show
RSA Online Fraud Reports show that South Africa does not fall within
the top ten countries hosting phishing attacks, but features high on the
list of top ten countries by attack volume.
The U.S., UK, and South Africa continue to be the countries that have
endured the highest volume of phishing attacks – for 15 consecutive
months. Over the past year, the U.S. and UK have absorbed a combined
average portion of 65 percent of the attacks. (May 2010 - April 2011).
9. Cyber Crime and Tax Refunds
• Warnings from SARS – diligence in tax season
• Promise of tax refund, click on link!
• Close resemblance to e-filing page
• SARS will never ask for your personal details
• Do not click on any links – malware, trojans, viruses
• Threat of keyloggers and spy software
• Criminals steal information to become “you”
11. Cyber Crime and Tax refunds
• CIPRO:
• Changing names of directors – electronic lodgement of CM29
• Registering false companies (the PwC example)
• Mostly aimed at diverting VAT refunds
• Company details should be checked routinely.
• Warning signs such as delay in payment of tax refund, odd queries
from clients or credit bureaus.
12. What to do?
• Regularly check your company details.
• www.cipro.gov.za – panel on the left. Search for company name or
similar name.
• Never respond to unsolicited emails or click on links in the mails. If
you haven’t bought a lotto ticket, chances are you did not win
anything!!!
• If you think that your company has been hijacked, keep a record of
everything you do – disputes with SARS, banks.
• Notify your own bank and other banks of information to assist in
tracing fraudulent accounts.
• Notify CIPRO, SARS and SAPS and your own employees.
• Contact your clients to say your details have not changed.
13. Closing remarks
• Effectively and efficiently addressing cyber crime requires a shift in
paradigm.
• Protect information as a valuable asset.
• Proactive vs reactive approach: prevention is better than
prosecution.
• Always keep abreast of scams and ensure your systems are up to date.
• Understand your organisation, your data and the value of IT.
• Have appropriate policies and enforcement monitoring in place.
• Share experiences