(Updated 19 January 2023)
The Internet has become a vital part in the functioning of our everyday lives, from emails, websites, online shopping, social media, mobile apps, and so much more. However, with progress comes risk, as more and more South African households gain access to the internet, the risk of cyber fraud increases.
We have seen a continual rise in online fraud cases in the last few years ranging from ransomware, malware, phishing scams, and fraudulent websites just to name a few. Therefore, it has become imperative to educate new and experienced internet users about the risks associated with cyber fraud and provide useful anti-fraud practices.
With this in mind, we take a look at how you can fight the growing risk of cyber fraud by providing you with resources to use in case you encounter fraudulent websites, what to do if you’ve fallen victim to online fraud and 5 housekeeping measures you can take to help keep your home and business safe.
What to do if you discover a fraudulent South African website?
The most effective way to stop a fraudulent website in South Africa is to request a “Take-down Notice” – to have that site removed from the Internet. Lodging for a Take-down Notice can be done on the official ISPA (Internet Service Providers’ Association) website. The ISPA allows concerned service providers, businesses, domain administrators and internet users to fight the growing risk of phishing and fraudulent South African websites.
The ISPA is a voluntary association and, therefore, the fraudulent site may not be hosted by an ISPA member. If you are unsure of which company is hosting the domain, you can select the “unknown” target option. In these cases, the ISPA will assist in finding relevant information – and gaining access – to the criminal website, removing content hosted by registered, South African ISPs. It can’t, however, deactivate the domain name or obtain identifying information about the fraudster.
How do you report .ZA domain names that are being used for fraud?
ZA Central Registry (ZACR) is a non-profit company that manages second-level domain names which support local businesses and organisations websites. They, currently, administer over 1.25 million ZA domains, such as co.za, org.za, net.za, web.za, as well as other geographic domain names (.africa, .capetown, .durban and .joburg).
If you identify a scam website ending in some variation of the .za subdomain, you can report the malicious internet activity to the ZACR. After completing and uploading the complaint form, ZACR will begin an investigation into the potentially fraudulent site, you may be asked for additional information regarding the suspected scam.
ZACR will use their extensive digital infrastructure to zero-in on the nefarious actors by investigating the complaint and taking the necessary steps to remove the .ZA website.
What if a fraudster is using a domain name pretending to be my company?
Being a modern company will, usually, entail cultivating a significant and intentional online presence. This can be exploited by online criminals who could register a very similar web address or .za subdomain in order to defraud you and your customers.
If you are concerned that a fraudster is pretending to represent your business, you can pursue a domain dispute with the relevant domain authorities. Internet service providers and domain administrators are all considerate of the security and reliability of the sites that they host.
For a South African domain name dispute, you might consider a simpler route, by reporting it like any other phishing or fraudulent site. However, you can also take that dispute to the courts or through arbitration. Our legal system has means of combating trademark infringements and false business claims that pertain to .ZA second-level domain name disputes, specifically.
What if I’ve become a victim of online fraud?
With a multitude of online fraud scams current circulating the market, there is no universal guide on what to do next. However, we’ve compiled some basic steps you can take after the fact, the efficiency in which you execute these steps will impact the likelihood of you being able to recover your money or possessions.
- Step 1: Report the crime
We recommend contacting your local authorities to report the incident and remember to provide them with detailed information regarding the incident in affidavit form and if possible, provide supporting documentation that can prove the fraud. This will help the authorities investigate the fraud in question and will provide you with a case number to refer to when speaking to your bank or other related parties. - Step 2: Contact your bank
As soon as you have realised what’s happened, contact your bank’s fraud prevention line as they will be able to cancel your cards and prevent any further transactions from occurring. This will help prevent further loss or financial damage. With certain banks you may be able to request a charge back, in order to retrieve the money taken or submitted, but time is of the essence – so the sooner, the better. - Step 3: Contact other related party’s
This particular step can apply should you suspect identity theft or perhaps suspect a fraudulent advert on a reputable website. For example, should you suspect identity theft, you should contact your bank, insurance company, and any other organisations where you may have an account so that they can flag suspicious behaviour. If you’ve come across a fraudulent advert on a reputable website, you should try contacting the site owner and provide them with details of the advert so that they can begin their investigations and removal of the advert. - Step 4: Contact the South African Fraud Prevention Services (SAFPS)
The South African Fraud Prevention Service (SAFPS) is a non-profit organisation that can help you protect your identity against further loss or damage. You can contact SAFPS on 011 867 2234 or via email at safps@safps.org.za for help with fraud prevention, combating financial fraud and crime, and help if you are a victim of impersonation or identity theft.
What measures can I take to safeguard my business against fraud?
When it comes to your business, there are steps you and your employees can take to deter cyber criminals and help keep your data safe. Here are some measures your business can take to keep your business from becoming another fraud statistic:
- Use multi-factor authentication on emails and accounts
Utilising multi-factor authentication on your emails or other accounts may seem tedious, but this acts as another layer of protection against unauthorised access, even in the event where your password has been compromised. - Educate staff on phishing emails and text messages
Although there are many resources that explain what phishing emails or text messages are, many people still fall prey to it. Therefore, business owners should provide training to staff on what phishing emails or text messages look like and explain the importance of vigilance when it comes to potentially suspicious mail. - Use strong passwords and consider password hygiene
When it comes to your passwords, it may be tempting to use yours or a family members name followed by a few numbers, but this is far from secure. Having strong complex passwords can help you safeguard your data, also consider changing your passwords frequently as part of your password hygiene. - Keep software and devices up to date
Updating software or your devices may be a bit annoying, however these updates generally mean that a vulnerability in the programmes code was identified and resolved. Therefore, keeping your devices and software updated can help prevent hackers from gaining access to your data. - Backup data regularly
The financial and legal implications of data loss cannot be overstated. This is why we recommend that you store and regularly back up your data to cloud platforms to ensure your data is secure from potential hackers.
The MarisIT solution
At MarisIT, we are committed to protecting South Africans and their businesses from the growing threat of cyber fraud. We offer a range of products and services designed to mitigate cybersecurity risks and keep your online presence safe and secure. For more information, contact MarisIT today.
