SlideShare uma empresa Scribd logo

Cyber Threats in South Africa - Tax Environment

J
Jacqueline Fick

Broad definition and description of cyber crime and threats facing the tax environment within South Africa.

TecnologiaTurismoNegócios
1 de 14
www.pwc.com Cyber Threats in South Africa Adv Jacqueline Fick PwC 22 July 2011
Contents 1.Understanding the origins and characteristics of South Africa’s most prevalent cyber crime categories. 2.Phishing. 3.Cyber crime and tax refunds. 4.What to do? 5.Conclusion PwC 2
Understanding the origins and characteristics of South Africa’s most prevalent cyber crime categories Cyber crime defined • “…computer crime encompasses the use of a computer as a tool in the perpetration of a crime, as well as situations in which there has been unauthorised access to the victim’s computer, or data. Computer crime also extends to physical attacks on the computer and/or related equipment as well as illegal use of credit cards and violations of automated teller machines, including electronic fund transfer thefts and the counterfeit of hardware and software.” (Credo and Michels) • Watney uses the term cyber crime and defined it as all illegal activities pertaining to a computer system, irrespective of whether the computer is the object of the crime or the instrument with which the crime is committed. • Move in South African law to the use of the term cyber crime which is wide enough to encompass all illegal activities in respect of computers, information networks and cyberspace. PwC 3
Understanding the origins and characteristics of South Africa’s most prevalent cyber crime categories Types of cyber crime in South Africa • Unauthorised access (s86(1)) • Unauthorised modification of data and various forms of malicious code (s86(2)) • Denial of service attacks (S86(5)) • Devices used to gain unauthorised access to data (s86(4)) • Computer-related extortion, fraud and forgery (s87) • Child pornography, cyber obscenity and cyber stalking • Copyright infringement • Industrial espionage • Piracy • Online gambling PwC 4
Understanding the origins and characteristics of South Africa’s most prevalent cyber crime categories The world of cyber crime • An underground cybercrime economy and cyber black market exists where the cybercriminal can buy, sell, barter or trade criminal skills, tools and your private information, you can buy IDs, credit cards botnet kits. • Cybercriminals are now less hackers and more like offline crime syndicates, such as the Mafia or urban gangs. • One can buy a keystroke logger for about $23 or pay $10 to have someone host a phishing scam, pick up a botnet for just $225, or get a tool that exploits a vulnerability on a banking site for $740 to $3 000. (Cybercrime Exposed Marian Merritt) • What happened in South Africa… • “It’s grown to become a flourishing industry with international syndicates, just like the Mafia” (Pres Jacob Zuma) PwC 5
Phishing • In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. • An online scam that uses e-mail to “fish” for users’ information by imitating legitimate companies. People are lured into sharing user names, passwords, account information or credit-card numbers. The phishing e-mail usually contains a link to a illegitimate site. PwC 6
Phishing (cont.) What statistics show RSA Online Fraud Reports show that South Africa does not fall within the top ten countries hosting phishing attacks, but features high on the list of top ten countries by attack volume. The U.S., UK, and South Africa continue to be the countries that have endured the highest volume of phishing attacks – for 15 consecutive months. Over the past year, the U.S. and UK have absorbed a combined average portion of 65 percent of the attacks. (May 2010 - April 2011). PwC 7
Cyber Crime and Tax Refunds PwC 8
Cyber Crime and Tax Refunds • Warnings from SARS – diligence in tax season • Promise of tax refund, click on link! • Close resemblance to e-filing page • SARS will never ask for your personal details • Do not click on any links – malware, trojans, viruses • Threat of keyloggers and spy software • Criminals steal information to become “you” PwC 9
Cyber Crime and Tax Refunds PwC 10
Cyber Crime and Tax refunds • CIRPRO : • Changing names of directors – electronic lodgement of CM29 • Registering false companies (the PwC example) • Mostly aimed at diverting VAT refunds • Company details should be checked routinely. • Warning signs such as delay in payment of tax refund, odd queries from clients or credit bureaus. PwC 11
What to do? • Regularly check your company details. • www.cipro.gov.za – panel on the left. Search for company name or similar name. • Never respond to unsolicited emails or click on links in the mails. If you haven’t bought a lotto ticket, chances are you did not win anything!!! • If you think that your company has been hijacked keep record of everything you do – disputes with SARS, banks. • Notify your own bank and other banks of information to assist in tracing fraudulent accounts. • Notify CIPRO, SARS and SAPS and your own employees. • Contact your clients to say your details have not changed. PwC 12
Closing remarks • Effectively and efficiently addressing cyber crime requires a shift in paradigm. • Protect information as a valuable asset. • Pro-active vs re-active approach: prevention is better than prosecution. • Always keep abreast of scams and ensure your systems are up to date. • Understand your organisation, your data and the value of IT. • Have appropriate policies and enforcement monitoring in place. • Share experiences PwC 13
It is widely accepted that in today’s technology-driven environment, information is worth a king’s ransom; successful businesses know how to protect and capitalise on it. Information is fast becoming the biggest contributor to the bottom-line and an asset that should be jealously guarded with the same vigour as financial assets. The best of the best employ information technology (IT) and information resources to create competitive advantage and ensure the good governance thereof. Thank you This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PricewaterhouseCoopers Inc, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it. © 2010 PricewaterhouseCoopers (“PwC”), a South African firm, PwC is part of the PricewaterhouseCoopers International Limited (“PwCIL”) network that consists of separate and independent legal entities that do not act as agents of PwCIL or any other member firm, nor is PwCIL or the separate firms responsible or liable for the acts or omissions of each other in any way. No portion of this document may be reproduced by any process without the written permission of PwC.

Recomendados

hs_huuhkaja_uimala_sivu_vs
hs_huuhkaja_uimala_sivu_vshs_huuhkaja_uimala_sivu_vs
hs_huuhkaja_uimala_sivu_vsVeera Saloheimo
 
Presentacion funciones
Presentacion funcionesPresentacion funciones
Presentacion funcionesritacastellanos
 
mišljenje poverenika 1
mišljenje poverenika 1mišljenje poverenika 1
mišljenje poverenika 1Milica Milosevski
 
Tipos de imágenes
Tipos de imágenesTipos de imágenes
Tipos de imágenesalejandrobf99
 
Organised crime and presenting evidence on racketeering
Organised crime and presenting evidence on racketeeringOrganised crime and presenting evidence on racketeering
Organised crime and presenting evidence on racketeeringJacqueline Fick
 
Table5 unit three
Table5 unit threeTable5 unit three
Table5 unit threebeverlywatola
 
Nevirapine 129618-40-2-api
Nevirapine 129618-40-2-apiNevirapine 129618-40-2-api
Nevirapine 129618-40-2-apiNevirapine-129618-40-2-api
 
Swapnil Narendra Deshpande
Swapnil Narendra DeshpandeSwapnil Narendra Deshpande
Swapnil Narendra DeshpandeSwapnil Deshpande
 

Recomendados

hs_huuhkaja_uimala_sivu_vs
hs_huuhkaja_uimala_sivu_vshs_huuhkaja_uimala_sivu_vs
hs_huuhkaja_uimala_sivu_vsVeera Saloheimo
 
Presentacion funciones
Presentacion funcionesPresentacion funciones
Presentacion funcionesritacastellanos
 
mišljenje poverenika 1
mišljenje poverenika 1mišljenje poverenika 1
mišljenje poverenika 1Milica Milosevski
 
Tipos de imágenes
Tipos de imágenesTipos de imágenes
Tipos de imágenesalejandrobf99
 
Organised crime and presenting evidence on racketeering
Organised crime and presenting evidence on racketeeringOrganised crime and presenting evidence on racketeering
Organised crime and presenting evidence on racketeeringJacqueline Fick
 
Table5 unit three
Table5 unit threeTable5 unit three
Table5 unit threebeverlywatola
 
Nevirapine 129618-40-2-api
Nevirapine 129618-40-2-apiNevirapine 129618-40-2-api
Nevirapine 129618-40-2-apiNevirapine-129618-40-2-api
 
Swapnil Narendra Deshpande
Swapnil Narendra DeshpandeSwapnil Narendra Deshpande
Swapnil Narendra DeshpandeSwapnil Deshpande
 
New base 810 special 17 march 2016
New base 810 special 17 march 2016New base 810 special 17 march 2016
New base 810 special 17 march 2016Khaled Al Awadi
 
PROJECT REPORT ON
PROJECT REPORT ONPROJECT REPORT ON
PROJECT REPORT ONKarthik Raghava
 
Data leakage detection
Data leakage detection Data leakage detection
Data leakage detection Suveeksha
 
Activites_reduites
Activites_reduitesActivites_reduites
Activites_reduitesFrance Travail
 
L'impact de la démarche de prospection auprès des entreprises
L'impact de la démarche de prospection auprès des entreprisesL'impact de la démarche de prospection auprès des entreprises
L'impact de la démarche de prospection auprès des entreprisesFrance Travail
 
Montant de l'allocation chômage versée aux demandeurs d'emploi indemnisés par...
Montant de l'allocation chômage versée aux demandeurs d'emploi indemnisés par...Montant de l'allocation chômage versée aux demandeurs d'emploi indemnisés par...
Montant de l'allocation chômage versée aux demandeurs d'emploi indemnisés par...France Travail
 
Data leakage detection
Data leakage detectionData leakage detection
Data leakage detectionSankhadip Kundu
 
Software agents
Software agentsSoftware agents
Software agentsrajsandhu1989
 
Portait statistique du demandeur d'emploi : 20 ans d'évolution
Portait statistique du demandeur d'emploi : 20 ans d'évolutionPortait statistique du demandeur d'emploi : 20 ans d'évolution
Portait statistique du demandeur d'emploi : 20 ans d'évolutionFrance Travail
 
Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...Jacqueline Fick
 
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South AfricaCyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South AfricaJacqueline Fick
 
International Trends in Mobile Law
International Trends in Mobile LawInternational Trends in Mobile Law
International Trends in Mobile LawJacqueline Fick
 
A Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateA Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateJacqueline Fick
 
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...Jacqueline Fick
 
A Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateA Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateJacqueline Fick
 
Cybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnershipsCybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnershipsJacqueline Fick
 
Cyber Crime in Government
Cyber Crime in GovernmentCyber Crime in Government
Cyber Crime in GovernmentJacqueline Fick
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 

Mais conteúdo relacionado

Destaque

New base 810 special 17 march 2016
New base 810 special 17 march 2016New base 810 special 17 march 2016
New base 810 special 17 march 2016Khaled Al Awadi
 
Data leakage detection
Data leakage detection Data leakage detection
Data leakage detection Suveeksha
 
L'impact de la démarche de prospection auprès des entreprises
L'impact de la démarche de prospection auprès des entreprisesL'impact de la démarche de prospection auprès des entreprises
L'impact de la démarche de prospection auprès des entreprisesFrance Travail
 
Montant de l'allocation chômage versée aux demandeurs d'emploi indemnisés par...
Montant de l'allocation chômage versée aux demandeurs d'emploi indemnisés par...Montant de l'allocation chômage versée aux demandeurs d'emploi indemnisés par...
Montant de l'allocation chômage versée aux demandeurs d'emploi indemnisés par...France Travail
 
Portait statistique du demandeur d'emploi : 20 ans d'évolution
Portait statistique du demandeur d'emploi : 20 ans d'évolutionPortait statistique du demandeur d'emploi : 20 ans d'évolution
Portait statistique du demandeur d'emploi : 20 ans d'évolutionFrance Travail
 

Destaque (9)

New base 810 special 17 march 2016
New base 810 special 17 march 2016New base 810 special 17 march 2016
New base 810 special 17 march 2016
 
PROJECT REPORT ON
PROJECT REPORT ONPROJECT REPORT ON
PROJECT REPORT ON
 
Data leakage detection
Data leakage detection Data leakage detection
Data leakage detection
 
Activites_reduites
Activites_reduitesActivites_reduites
Activites_reduites
 
L'impact de la démarche de prospection auprès des entreprises
L'impact de la démarche de prospection auprès des entreprisesL'impact de la démarche de prospection auprès des entreprises
L'impact de la démarche de prospection auprès des entreprises
 
Montant de l'allocation chômage versée aux demandeurs d'emploi indemnisés par...
Montant de l'allocation chômage versée aux demandeurs d'emploi indemnisés par...Montant de l'allocation chômage versée aux demandeurs d'emploi indemnisés par...
Montant de l'allocation chômage versée aux demandeurs d'emploi indemnisés par...
 
Data leakage detection
Data leakage detectionData leakage detection
Data leakage detection
 
Software agents
Software agentsSoftware agents
Software agents
 
Portait statistique du demandeur d'emploi : 20 ans d'évolution
Portait statistique du demandeur d'emploi : 20 ans d'évolutionPortait statistique du demandeur d'emploi : 20 ans d'évolution
Portait statistique du demandeur d'emploi : 20 ans d'évolution
 

Mais de Jacqueline Fick

Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...Jacqueline Fick
 
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South AfricaCyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South AfricaJacqueline Fick
 
International Trends in Mobile Law
International Trends in Mobile LawInternational Trends in Mobile Law
International Trends in Mobile LawJacqueline Fick
 
A Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateA Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateJacqueline Fick
 
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...Jacqueline Fick
 
A Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateA Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateJacqueline Fick
 
Cybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnershipsCybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnershipsJacqueline Fick
 
Cyber Crime in Government
Cyber Crime in GovernmentCyber Crime in Government
Cyber Crime in GovernmentJacqueline Fick
 

Mais de Jacqueline Fick (8)

Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...
 
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South AfricaCyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
 
International Trends in Mobile Law
International Trends in Mobile LawInternational Trends in Mobile Law
International Trends in Mobile Law
 
A Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateA Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber Syndicate
 
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
 
A Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateA Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber Syndicate
 
Cybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnershipsCybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnerships
 
Cyber Crime in Government
Cyber Crime in GovernmentCyber Crime in Government
Cyber Crime in Government
 

Último

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 

Último (20)

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 

Cyber Threats in South Africa - Tax Environment

  • 1. www.pwc.com Cyber Threats in South Africa Adv Jacqueline Fick PwC 22 July 2011
  • 2. Contents 1.Understanding the origins and characteristics of South Africa’s most prevalent cyber crime categories. 2.Phishing. 3.Cyber crime and tax refunds. 4.What to do? 5.Conclusion PwC 2
  • 3. Understanding the origins and characteristics of South Africa’s most prevalent cyber crime categories Cyber crime defined • “…computer crime encompasses the use of a computer as a tool in the perpetration of a crime, as well as situations in which there has been unauthorised access to the victim’s computer, or data. Computer crime also extends to physical attacks on the computer and/or related equipment as well as illegal use of credit cards and violations of automated teller machines, including electronic fund transfer thefts and the counterfeit of hardware and software.” (Credo and Michels) • Watney uses the term cyber crime and defined it as all illegal activities pertaining to a computer system, irrespective of whether the computer is the object of the crime or the instrument with which the crime is committed. • Move in South African law to the use of the term cyber crime which is wide enough to encompass all illegal activities in respect of computers, information networks and cyberspace. PwC 3
  • 4. Understanding the origins and characteristics of South Africa’s most prevalent cyber crime categories Types of cyber crime in South Africa • Unauthorised access (s86(1)) • Unauthorised modification of data and various forms of malicious code (s86(2)) • Denial of service attacks (S86(5)) • Devices used to gain unauthorised access to data (s86(4)) • Computer-related extortion, fraud and forgery (s87) • Child pornography, cyber obscenity and cyber stalking • Copyright infringement • Industrial espionage • Piracy • Online gambling PwC 4
  • 5. Understanding the origins and characteristics of South Africa’s most prevalent cyber crime categories The world of cyber crime • An underground cybercrime economy and cyber black market exists where the cybercriminal can buy, sell, barter or trade criminal skills, tools and your private information, you can buy IDs, credit cards botnet kits. • Cybercriminals are now less hackers and more like offline crime syndicates, such as the Mafia or urban gangs. • One can buy a keystroke logger for about $23 or pay $10 to have someone host a phishing scam, pick up a botnet for just $225, or get a tool that exploits a vulnerability on a banking site for $740 to $3 000. (Cybercrime Exposed Marian Merritt) • What happened in South Africa… • “It’s grown to become a flourishing industry with international syndicates, just like the Mafia” (Pres Jacob Zuma) PwC 5
  • 6. Phishing • In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. • An online scam that uses e-mail to “fish” for users’ information by imitating legitimate companies. People are lured into sharing user names, passwords, account information or credit-card numbers. The phishing e-mail usually contains a link to a illegitimate site. PwC 6
  • 7. Phishing (cont.) What statistics show RSA Online Fraud Reports show that South Africa does not fall within the top ten countries hosting phishing attacks, but features high on the list of top ten countries by attack volume. The U.S., UK, and South Africa continue to be the countries that have endured the highest volume of phishing attacks – for 15 consecutive months. Over the past year, the U.S. and UK have absorbed a combined average portion of 65 percent of the attacks. (May 2010 - April 2011). PwC 7
  • 8. Cyber Crime and Tax Refunds PwC 8
  • 9. Cyber Crime and Tax Refunds • Warnings from SARS – diligence in tax season • Promise of tax refund, click on link! • Close resemblance to e-filing page • SARS will never ask for your personal details • Do not click on any links – malware, trojans, viruses • Threat of keyloggers and spy software • Criminals steal information to become “you” PwC 9
  • 10. Cyber Crime and Tax Refunds PwC 10
  • 11. Cyber Crime and Tax refunds • CIRPRO : • Changing names of directors – electronic lodgement of CM29 • Registering false companies (the PwC example) • Mostly aimed at diverting VAT refunds • Company details should be checked routinely. • Warning signs such as delay in payment of tax refund, odd queries from clients or credit bureaus. PwC 11
  • 12. What to do? • Regularly check your company details. • www.cipro.gov.za – panel on the left. Search for company name or similar name. • Never respond to unsolicited emails or click on links in the mails. If you haven’t bought a lotto ticket, chances are you did not win anything!!! • If you think that your company has been hijacked keep record of everything you do – disputes with SARS, banks. • Notify your own bank and other banks of information to assist in tracing fraudulent accounts. • Notify CIPRO, SARS and SAPS and your own employees. • Contact your clients to say your details have not changed. PwC 12
  • 13. Closing remarks • Effectively and efficiently addressing cyber crime requires a shift in paradigm. • Protect information as a valuable asset. • Pro-active vs re-active approach: prevention is better than prosecution. • Always keep abreast of scams and ensure your systems are up to date. • Understand your organisation, your data and the value of IT. • Have appropriate policies and enforcement monitoring in place. • Share experiences PwC 13
  • 14. It is widely accepted that in today’s technology-driven environment, information is worth a king’s ransom; successful businesses know how to protect and capitalise on it. Information is fast becoming the biggest contributor to the bottom-line and an asset that should be jealously guarded with the same vigour as financial assets. The best of the best employ information technology (IT) and information resources to create competitive advantage and ensure the good governance thereof. Thank you This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PricewaterhouseCoopers Inc, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it. © 2010 PricewaterhouseCoopers (“PwC”), a South African firm, PwC is part of the PricewaterhouseCoopers International Limited (“PwCIL”) network that consists of separate and independent legal entities that do not act as agents of PwCIL or any other member firm, nor is PwCIL or the separate firms responsible or liable for the acts or omissions of each other in any way. No portion of this document may be reproduced by any process without the written permission of PwC.