Phishing targeted 35% of SA digital payment users

More than one third (35%) of South Africans faced phishing scams when using online banking or mobile wallet services.

In addition, 43% have personally encountered fake Web sites, and 59% experienced scams (via texts or calls) using social engineering.

These were some of the findings of the Kaspersky Digital Payment survey which studies people’s interactions with online payments, and attitudes towards them.

The study was conducted by research agency Toluna across the Middle East, Turkey, SA, and Nigeria. Survey responses were gathered between February and March 2022 with a total of 2 004 respondents surveyed across the stated countries.

When asked about awareness of threats against digital payment methods, the majority of respondents from SA said that they are aware of both the financial phishing attacks (94%) and online scams (95%).

Some 78% also said they are aware of banking malware on PCs and on mobiles, which steals money from users’ bank accounts.

However, almost everyone surveyed (98%) think that banks and payment companies should educate users more about online threats.

James Gumede, SADC territory account manager at Kaspersky, says when it comes to the proliferation of phishing scams or mobile malware, it is important to establish some basic cyber security standards.

“Advanced security solutions, which are able to filter out most of the generic attack vectors, supplemented with other preventive measures such as good cyber security awareness and regular password changes, can help to keep your financial transactions secure,” he adds.

For developers, banks and companies involved in providing digital payment services, the security giant advises to implement cyber security solutions that can detect fraud across multiple levels of online payment processes and consumer touchpoint.

Moreover, because advanced attacks by APT groups on financial institutions are also on a rise, in-depth visibility and threat intelligence are a necessity to keep customers protected and to ensure business continuity.

Using a threat intelligence service can help support IT teams in analysing and mitigating threats. Also, conducting cyber awareness training for employees continuously is a good idea, as this will help employees know the red flags to look for when an organisation is under attack and to understand their role in protecting the organisation.

Security features that consumers would like to see more of, according to Kapersky:

• The implementation of one-time-passwords (OTPs) via SMS for every transaction (76%)
• Biometric security features like facial or fingerprint recognition (75%)
• Automated detection and intervention for fraudulent transactions (58%)
• Requiring two-factor authentication (51%)
• Point-to-point encryption (22%)