by Nicolene Schoeman-Louw
Email compromise scams are a growing threat in the digital world. These scams can have devastating financial and reputational consequences for individuals and organisations.
Email compromise occurs when a malicious actor gains unauthorised access to an email account. This can happen through various methods, such as phishing, malware, or social engineering. Once they have access, scammers can monitor communications, steal sensitive information, and use the compromised account to conduct further fraudulent activities.
Common Email Compromise Scams
Business Email Compromise: Scammers pose as company executives or trusted partners to trick employees into transferring funds or sharing sensitive information.
Invoice Scams: Fraudsters intercept legitimate invoices and alter payment details, redirecting funds to their accounts.
Phishing: Attackers send deceptive emails to trick recipients into revealing login credentials or other personal information.
Spear Phishing is a more targeted form of phishing in which attackers personalise emails using information gathered from social media or other sources to increase credibility.
Suggested prevention strategies include:
Enhance Email Security
Educate and Train Employees
Implement Robust Policies and Procedures
Legal Framework
Email compromise scams intersect with several legal frameworks designed to protect personal information and combat cybercrime, these include:
Protection of Personal Information Act 4 of 2013 (“POPIA”): POPIA governs the processing of personal information and requires organisations to implement adequate security measures to protect personal data.
Electronic Communications and Transactions Act 25 of 2002 (“ECTA”): ECTA provides legal recognition to electronic transactions and communications and outlines requirements for secure electronic communications.
Cybercrimes Act 19 of 2020: This act addresses various cybercrimes, including unauthorised access to data, cyber fraud, and phishing, providing law enforcement with tools to combat cybercrime.
What to Do If You Are Compromised
Immediate Actions
Change Passwords: Immediately change the passwords for the compromised account and any other accounts using the same credentials.
Enable multifactor authentication: If it is not already in place, enable multi-factor authentication on all accounts.
Notify IT and Security Teams: Inform your organisation's IT and security teams to initiate an investigation and mitigate further damage.
Contain and Assess the Damage
Identify the Breach: Determine how the compromise occurred and what information or accounts were accessed.
Secure Accounts: Check for any unauthorised forwarding rules or changes to email settings and revert them.
Monitor Activity: Closely monitor accounts for suspicious activity and unauthorised access.
Inform Affected Parties
Notify Partners and Clients: Seek advice on informing the Information Regulator. Inform any relevant partners, clients, or stakeholders about the breach and any potential impact on them.
Report to Authorities: Seek advice on reporting the incident to the South African Police Service (SAPS) Cybercrime Unit and the Information Regulator if personal information was compromised.
Review and Improve Security Measures
Post-Incident Analysis: Conduct a thorough review of the incident to identify vulnerabilities and areas for improvement.
Update Security Protocols: Implement enhanced security measures based on lessons learned from the breach.
Conclusion
Email compromise scams pose a significant risk to both individuals and organisations in South Africa. By understanding the nature of these threats and taking proactive measures to prevent them, you can reduce the likelihood of falling victim. However, if a compromise does occur, swift and decisive action is crucial to mitigate damage and prevent further breaches. Regularly updating security practices and fostering a culture of awareness are key components in defending against email-based threats. By staying vigilant and informed, you can protect your digital communications and maintain the integrity of your business operations within the South African legal context.
Nicolene Schoeman-Louw founded SchoemanLaw Inc in 2007 in South Africa aged 24, and is now the Managing Director of the firm. She is an admitted Attorney of the High Court of South Africa, Conveyancer, Notary Public and Mediator; with a passion for entrepreneurs and helping them reach their most ambitious goals. She obtained her LLB degree cum laude and successfully completed her LLM degree (dissertation) in commercial law and B-BBEE, both at the University of the Free State. In addition, she obtained her postgraduate diploma in financial planning (CFP) at the University of Stellenbosch. She regularly contributes to various publications and shares her knowledge regularly on various radio stations. Nicolene has enjoyed the confidence of many successful entrepreneurs over the years and continues to do so. As a trusted advisor she has actively contributed to the successes of many businesses, helped and continues to help many entrepreneurs build lasting legacies.
More articles by Nicolene