People Required for Cyber Security

Defending your organisation against cyber-attacks is not a one-size-fits-all exercise. No single tool or magic box with flashing lights will solve this problem and understanding the threat landscape and where your organisation sits within it is no easy task, but it is far from impossible. There is reasonable knowledge now on the primary threat groups, their motivations, their targets and their methods. However, it is not the case that all threat groups target all organisations, or even a few. The nature of targeted attacks is that attackers take weeks or months to plan an attack where they attempt to access and exfiltrate specific information or assets. In order to respond to attacks you effectively also need people in order to defeat people.

Brand Improvement with Cyber Security

Strong IT security will enable organisations to win customers and retain customer loyalty. Across several B2B and B2C sectors, from finance to pharma, recruitment to retail, having a trusted and provable security posture is an essential requirement for new customers to do business with an organisation. This has often been posited, but was recently proved in a survey by Vodafone where 90% of businesses said strong cyber security would help their reputation in the market, attract new customers, and improve customer loyalty.

Protecting Higher Education from Cyber Attacks

In September 2020, the National Cyber Security Centre (NCSC) issued an alert that ‘devastating’ cyber attacks against HE providers were spiking. Further, in 2019 four out of five HE providers reported that they had been attacked at some point in the previous 12 months.

Spotted in the Wild

Fake Retail Phishing Scams
There have been several fake phishing scams appearing on the WhatsApp platform recently that claim to have come from the major retailers Game, Woolworths and Adidas. The scams with these retailers’ names in them offer R2500, free televisions and clothing, respectively, if the user completes a simple questionnaire and shares the campaign with a number of their WhatsApp contacts. The campaigns are clearly designed to trick people into thinking these are from legitimate sources during the month-long “Black November” and upcoming festive shopping periods.

The scam using ‘Game’ in its name asks that you logon to a website where you need answer three basic questions and then forward the offer to at least 20 of your WhatsApp contacts in order to win one of the televisions that are being “donated for free after they were found to be scratched”.

The website used was configured in such a way that if the site was left active it began navigating to additional links in new tabs every few seconds. If the browsers you were using were fully patched, they will usually have prevented the potentially harmful content from loading.

In the ‘Woolworths’-branded campaign, the webpage template was poorly repurposed from a similar ‘Shoprite’ scam that had occurred previously with the images, website URL and most of the text simply changed. The perpetrator clearly didn’t pay too much attention to the changes that they had made as the browser and tab title bars still show the word ‘Shoprite’ in them.

This bulletin is intended to increase the security awareness in organisations by providing useful information to help enhance security and safety when using computing devices and the Internet.

Be sure to consider some of the cyber threats out there and consider these tips for protecting yourself and your devices. Until our next mailer, you can check out all the great resources we have available on our website.

The Cybervision Team