VIDEO: SA’s cyber criminals gaining notoriety

Johannesburg, 11 Apr 2025

Expert digital forensics auditor professor Danny Myburgh, MD of Cyanre, provides an overview of the latest cyber crime trends he’s seeing being committed in South Africa. He also details some of the cases he’s worked on and the entry paths and skills needed to get into the field of digital forensics.

South Africa is one of the largest perpetrators of online confidence scams, according to a leading cyber expert.

Professor Danny Myburgh, MD of Cynare, speaking to ITWeb TV, in a wide-ranging interview, said: “We are seeing that South Africa is one of the largest cyber predators out there, in relation to scams, but then we are also one of the countries that's most attacked or impacted by online scams.”

Artificial intelligence technologies, particularly in the form of deepfakes, are also being employed by scammers to make their scams more convincing, which is becoming a growing area of concern.

"We find it with romance scams – sextortion – where, if you don't believe that it's not the real Tom Cruise contacting you, they'll give you a FaceTime call.”

He added that scammers are also using deepfakes, for example, to contact victims. They impersonate police officials and tell the victims that a package intended for them containing illegal goods has been intercepted. The victim must pay a bribe or make a deposit for the issue to go away.

Crypto-currency investment scams are popular.

The deepfakes are used on video calls to make the victim believe the authenticity of the situation. This also means the victim is less able to make a call to the actual police, or for help.

Crypto-currency investment schemes are another popular area for scams, he noted. These are especially prevalent on channels on Telegram, where different sock-puppet accounts pretend to praise a service for providing excellent returns.

“Currently, we have got an investigation that includes a SIM farm of more than 50 000 cellphones. The criminal syndicates are utilising the SIM farms to populate these types of channels and simulate interest.”

ITWeb Security Summit 2025 Johannesburg – 3 and 4 June

This episode of ITWeb TV is produced in association with ITWeb Security Summit. Professor Danny Myburgh is one of the many speakers who will be presenting at this year’s ITWeb Security Summit, the annual gathering of cyber security professionals, experts and thought leaders. The summit will unpack the latest developments, the methods that attackers are using and the best strategies to protect digital assets.

For more information and to register, click here.

Once victims provide payment, they are kept engaged for a while. “These guys are quite sophisticated; they'll register you on a site where you can monitor your portfolio, you can give them suggestions, you can ask them to sell a bit of Bitcoin and buy Ethereum.”

Of course, the victim’s investment has long gone, but extra ‘penalty’ payments are demanded if the victim requests to cash out early.

Myburgh said as part of a private company, the levels of international access to tracing where scams or attacks are coming from are limited, but he is seeing most attacks emanating from East and West Africa, and the Eastern European bloc nations.

“But our local criminals are definitely not far behind, although they specialise more in scams than, for example, ransomware-types of attacks.

"We've been successful in identifying two hackers that we traced to Cape Town, and in an effort with the Hawks, we were able to arrest them. They are currently still in jail and have spent about a year and three months there, and haven't received bail. We're hoping that they are going to be the first ‘guilties’ under the new Cyber Crimes Act.”