Facebook Business – Phishing

How safe is your Facebook Business account?

Facebook business accounts provide companies with a great way to reach potential customers and stay in touch with their network of followers. But recently this platform has become a major target for cybercriminals.

An onslaught of phishing attempts against Facebook business users has prompted Meta to release a new framework of safety guidelines to prevent further attacks. 

Let’s take a look at the cybersecurity situation around Facebook commercial accounts and what you can do to keep yours safe.

Cybercriminals target Facebook business users

Recently, headlines about compromised Facebook business accounts have been causing concern in the commercial sector, both  internationally and in South Africa.

The potential risks involved in a compromised Facebook business account include financial and reputational losses arising from impersonation and takeover attempts. In this scenario, cybercriminals could gain access to your account and use it to defraud your customers.

  • Cybercriminals gain access to your account, change the associated bank account, and request payment from customers which would be channelled into their account and may never be recovered. 
  • In addition, the damage to your company’s reputation in the wake of an incident like this could be massive, with disgruntled and aggrieved customers taking to Facebook itself to spread the news, about fraudulent activity carried out in your company’s name.

How to spot the signs of a Facebook Business phishing attempt

Like many cybersecurity breaches, Facebook Business account takeovers begin with innocent seeming emails and Facebook messages, particularly in the form of business partner requests.

Emails purporting to be from Facebook are another popular method that hackers used to carry out phishing attacks. 

According to Meta, it’s essential for users to be on the lookout for email addresses with domains which are almost the same as the official ones used by Facebook but vary in terms of a single letter or word. The following domains are the only official ones used by Facebook:

  • fb.com
  • facebook.com
  • facebookmail.com
  • instagram.com
  • meta.com
  • metamail.com
  • support.facebook.com

In general, any email or electronic message that asks you to click on a link or enter account details should be treated with a high degree of suspicion. 

This is especially true if the message refers to an account action that Facebook supposedly wants you to take but doesn’t come up as a request on the Facebook app or website itself.

If you find yourself unable to access your account, receive complaints from customers who have received strange messages from your Facebook Business account, or suddenly notice that your account is following strange accounts, it’s highly likely that you’re a victim of phishing. 

It’s essential to report your account as compromised immediately to avoid serious losses. 

Protect your online business with secure cloud storage 

Considering that Facebook business accounts are used to process payments and interact with valuable customers, the last thing you want is for yours to be compromised and used to carry out criminal acts. 

Securing your Facebook business account is an essential step if you’re doing business online today – and it’s just one part of an effective cybersecurity strategy.

Secure cloud storage is an excellent way to keep your confidential files safe in the cloud and out of the wrong hands. To learn more about our range of cloud storage solutions for businesses of all sizes, visit our product page today.

Hijacking Broken Hyperlinks – Cyberthreats

Cyberthreats hiding in plain sight – hijacking hyperlinks 

Have you ever clicked on a link that takes you to a dead webpage or tried to type in your bank’s URL and found yourself on a phishing website?

Link hijacking is a technique that cybercriminals use to direct website visors to malicious pages on the internet. 

As a business owner, you’ll want to ensure that your website is safe from this tactic, but first let’s find out how it works and how it can be avoided

Broken links are like broken windows for cybercrime

Even the smallest gap in your cybersecurity can give hackers the entry point they need to carry out an attack.

Just like the broken window of a building, which can allow burglars to enter more easily, broken links create the perfect opportunity for cybercriminals to compromise your company website. 

Here is the typical pattern that this crime tends to follow:

  • Cybercriminals identify a link on your website that leads to a defunct webpage.
  • If the webpage hosting has expired, they may purchase it and populate it with potentially harmful links that visitors will assume are a legitimate part of your website.

The end game of link hijacking is to steal internet traffic and lead it to a site that cannot only carry out malware or ransomware attacks, but could also compromise the credibility of your business.

How many broken links are there on the internet?

You might think that broken links are only an issue for poorly maintained websites, but research has shown that the issue is far more common than that.

Recent research shows that more than 500,000 websites online are phantom domains created  by cybercriminals.

Given the frequency of this problem, it’s essential to check your own site for the presence of broken links without delay and take measures to correct them.

How to fix broken links for added security 

Checking your website for problematic links is easy to achieve with a website scanner or broken link detector.

  • Once you identify links that lead nowhere, you should remove them from the main site or update the link that they redirect to with a secure webpage.
  • Ensure that your redirection service and file hosting providers are above board and offer excellent customer support. 

To avoid impersonation sites with a slight alteration of your URL spelling, you may want to register several domains – with the different variations included in them – so that they can’t fall into the wrong hands.

Keep your business safe online with secure cloud storage

Protecting your business from link hijacking is just one step that forms part of a comprehensive cybersecurity plan. 

Secure cloud storage is the most effective way to keep your data safe offsite and out of the clutches of criminals. Our range of secure backup packages offer peace of mind along with the efficiency of automated encrypted file management.

The GNUS’s New Minister of Communications – Technology

Meet the New Communications Minister: Solly Malatsi 

South African politics has entered a new era with 12 cabinet posts coming from the opposition. Among these new arrivals is Solly Malatsi, a dynamic young Communications Minister who has his work cut out for him.

Malatsi will be tasked with working through a significant backlog in the Department of Communications and Digital Technologies (DCDT), which has seen more than 10 ministers since 1994.

Analysts in the tech industry believe Malatsi has the potential to bring some stability and efficiency to an ever-changing sector that has been struggling to balance politics with industry needs. Here are some of the top items on his agenda as he sets out to transform the country’s ICT sector.

Three main priorities for Malatsi’s first 100 days 

There’s an old saying that the first 100 days is the most crucial in politics. 

Malatsi will find himself facing a veritable mountain of tasks. The three biggest challenges for the minister of communications will be:

  1. Digital transformation. Finally making the change from analog to digital broadcasting as streaming and on demand entertainment become the norm.
  2. Fixing the SA post office. Despite billions of Rand in bailout, the SAPO is still far from functional and must be rescued or finally privatised.
  3. ICT policy. The past 20 years has seen a total transformation in the technology and communication field. Government policy will need to be brought up to speed to address the needs of our 21st century economy.

Malatsi has a strong background in policy and oversight, having served as a shadow minister and a member of Parliament since 2014.  The 38-year-old is also the DA’s Deputy Federal Chairperson. 

He will need to act decisively to bring about reform in his department, which may be doubly difficult because former Minister Mondli Gungubele will stay on as his deputy.

Will the tech sector benefit from a new approach to regulation? 

Ultimately, whatever happens to the Post Office and television broadcast system, Malatsi’s true legacy will be determined by the policy initiatives he spearheads to move the country in line with international best practices.

A young, intelligent minister with an ambitious plan could dramatically transform the tech and communications landscape in the country. We look forward to seeing Malatsi create a legacy for South Africa as a premier ICT hub as the country battles to overcome increasing cybersecurity threats. 

Protect your sensitive business communications with secure cloud storage

Business communications that rely on sensitive documents need the best secure cloud storage. To learn more about Soteria Cloud and our range of encrypted backup solutions, visit our product page today.

From Ai to the Cloud – Cybersecurity

AI, Cloud and Hybrid Work Trends

2024 is turning out to be a fascinating year for the tech industry as AI becomes mainstream and companies double down on the cloud as a way forward for business process streamlining.

As the year unfolds, forward thinking businesses will be watching the evolving trends and planning their cybersecurity strategies accordingly. Here are some big movements in the tech industry to keep an eye on this year.

AI isn’t going away anytime soon

Since the world was thunderstruck by the launch of ChatGPT in late 2022, the rollout of AI solutions and businesses around the world has only intensified.

Large Language Models, AI assisted internet search offered by sites like Microsoft Bing, and the outsourcing of basic tasks to chatbots have gone from futuristic dream to a new reality.  

In fact, some economists still predict that AI will threaten the future of many jobs.

Developed markets like the US have rolled out AI at a large scale, either replacing or augmenting positions that were previously done exclusively by humans. These changes may only be affecting employees at the entry level for now, but professionals in all industries – including law, medicine, and even executive management – are exploring the possibility that some of their traditional expertise may be carried out by machines in less than a decade.

For companies, there’s an indisputable cost/benefit to using AI and it certainly can improve efficiencies in many areas of a business – but new technology is not without risks.

  • AI applications have been proven to be unreliable in certain areas, including fact checking, with ChatGPT providing hilarious instances of output that seems professionally acceptable at first glance but actually contains several highly problematic facts and phrases.
  • Accuracy aside, the involvement of AI in business processes raises the risk of cybercrime and hacking attempts, which could be potentially disastrous if bad actors take control of an AI-run Business process of a major corporation or bank.

It remains to be seen whether the rollout of AI will bring all the benefits that it promises but there’s no doubt that it’s here to stay. The enormous amount of data that AI applications produce will need to be managed and secured – and that’s where reliable secure cloud storage comes in. 

Hybrid work continues to become the norm 

The remote working trend that accelerated during the pandemic has become a way of life for millions of workers around the world. South African businesses are embracing the remote working model, giving employees flexibility and companies the ability to obtain talent without borders. 

These benefits come with a parallel responsibility for businesses to comply with the Protection of Personal Information Act and keep their sensitive data safe. Secure cloud storage is an ideal way to secure important files and scale up the amount of storage as needed. 

Cloud computing is the future

Companies are producing more data than ever before with a staggering 120 zettabytes created in 2023 alone – and all of this information needs to be stored somewhere. Increasingly, companies are choosing to keep their files safe in the cloud, making it essential to choose the right storage provider.

Recently, an incident in which Google Cloud accidentally deleted every single file belonging to a major Australian pension fund made shocking headlines. This may be a rare incident, but it certainly highlights the potential for disaster that may occur in the wake of a cyberattack.

Not all cloud providers are created equal Before businesses simply upload all their files to a generic online storage location it is essential to ensure that the necessary security protections are in place. Chief among these is immutable storage, which uses advanced coding to ensure the data cannot be manipulated once it’s stored safely in the cloud.

Our range of secure backup solutions feature immutable storage as part of their key architecture. To learn more about our offering and how it can keep your company’s data safe and out of the hands of cybercriminals, browse our range of packages today.

Digital Wallets – Pay to Go

Setting Digital Wallet Tap Limits 

Digital wallets promised to end our reliance on cash but are they becoming easy pickings for fraudsters?

The pay-to-go experience is convenient, especially as institutions integrate the technology into their payment systems and banks launch card taps and virtual payment apps that allow purchases with a single tap. However, there’s an indisputable risk involved: losing your hard-earned money to cybercriminals. 

Let’s take a look at how cashless payments can be exploited by criminals and how you can set digital wallet tap limits to stay safe.

Don’t let fraudsters raid your digital wallet

South Africa continues to transition from a cash-based economy to one that uses contactless payment solutions. The great hope for this technology was that paying with a single tap would remove the need to carry cash and reduce the risk of losing cash to criminals.

Unfortunately, local criminals have been getting creative and finding ways to steal digital money as well as the paper variety.

A typical scenario resulting in fraud using services like Apple Pay is as follows: 

Waiting in line for your goods to be rung up by the cashier, you take out your phone and prepare your payment app for a single payment. You think you’ve done just that, but after you leave the shop, it turns out that you’ve paid for both your item and somebody else’s – and that person is already long gone.

Criminals are finding ingenious ways to trick customers into tapping twice, sometimes with the help of employees who are in on the scam. This is especially worrying because many banks set relatively high automatic limits on contactless payments – with R10 000 being fairly common. 

If criminals manage to gain access to your tap and go device, they could drain your account in an hour or less, and it’s even easier when you are using the card tap functionality.

How to use contactless payment services and lower your risk

  • Reduce your payment limits. Most customers will find that R 1000 to R2 000 per transaction should be sufficient to pay for small purchases.
  • Receive instant notifications and wait for them. Don’t leave the counter until you’ve received a notification of the amount that has been deducted.
  • Watch out for suspicious transactions. If you notice a payment that you didn’t make or multiple payments of the same amount, contact your bank immediately to stop your card.
  • Disable the tap functionality on your card. Certain banks allow customers to disable the card tap function which can then only be used when you insert it into the machine and enter a PIN.

A holistic approach to online security has become essential as criminals find new and creative ways to steal both money and data. Our range of secure cloud storage solutions will help keep your business information safely encrypted. Browse our range of packages to secure your valuable files today. 

Online Crime Surge Q1 – Cybercrime

South Africa Cybercrime Surges in Q1 2024

South Africa continues to buckle under the weight of rising cybercrimes, with the latest reports indicating that the country’s victim count increased by 107% between Q2 2023 and Q1 2024.

These revelations come on the back of similar worries across the African continent, which is seeing a rapid rise in cyberattacks as online attacks in other regions start to stabilise. 

Let’s take a closer look at the data and find out why Africa has found itself in the crosshairs of cybercriminals once again this year.

Hackers play catch-up in Africa this year

According to a report by cybersecurity group Check Point which documents incidence of cybercrime in regions around the world, the African continent is experiencing a huge increase in online criminal events.

The rise in incidents is alarming even though the total number of attacks in regions like Europe and North America are far higher in absolute terms. 

  • Africa saw a 20% rise in cybercrime incidents in Q1 2024. On the other hand, Latin America saw a 20% drop over the same period. 
  • Government and military targets remain hugely popular among cybercriminals, increasing the prospect of service disruption and the destabilising potential of these attacks. 

This seemingly contradictory trend makes more sense in the context of pure numbers versus percentages. 

Considering that Africa has traditionally lagged behind other countries in terms of internet penetration and online business, the continent’s recent digitisation has probably made it a prime target for cybercriminals.  

Hackers who are finding it more difficult to increase their rate of attacks in developed regions which have invested heavily in cyber security may have discovered easy pickings in Africa this year. 

Now is the time to invest in cybersecurity 

Overall, it would appear that Africa is facing a surge in cybercrimes similar to the one experienced by its more developed peers 5 to 10 years ago. 

The continent may be struggling to respond due to its traditionally lower emphasis on cybersecurity. However, companies in South Africa and across the continent can reverse this situation by investing in the latest cyber defences to bring their security levels in line with those of European and North American businesses.

Some of the key components of a comprehensive cybersecurity strategy include:

  • The basics. Reliable firewalls and updated antivirus software will set the stage for improved data security.
  • User and permission management using the latest multifactor authentication and identity verification will help ensure that unauthorised users can’t gain access to your network.
  • Secure data storage. Encrypted backup and storage cloud storage for sensitive documents and files is one of the surest ways to have a working copy of every essential document in the worst-case scenario. 

At Soteria we pride ourselves on making secure cloud storage available to households and businesses of all sizes. Protect your valuable data today with our range of encrypted cloud data storage packages.

Cyber Defence and Cyber Insurance – Cybersecurity

A Holistic Approach to Cyber Defence and Cyber Insurance

Cybercrime in South Africa continues to soar and companies of all sizes are realising the essential need to have comprehensive cyber insurance. While cover of this type is an essential precaution it needs to be implemented as part of a holistic cybersecurity strategy in order to be cost-effective and ultimately useful to the business.

In this article, we take a look at the symbiotic relationship between cybersecurity cover and the various cybercrime prevention methods that businesses can implement to lower their risk profile when dealing with insurers. 

Read on to find out how you can protect your business from online criminals and potentially end up with a lower monthly insurance premium.

Cybercrime insurance: what the latest data tells us

Cyber attacks in South Africa are rising by the year and companies are increasingly opting for cybercrime insurance. However, given the dramatic increase in these attacks, some insurers have left the market while others are raising premiums significantly and increasing their qualifying criteria for policy holders.

Businesses seeking comprehensive cybersecurity insurance should bear in mind that covering their losses in the event of a cyberattack is not the only necessary measure that should be taken. 

The reason for this is simple: a business that is vulnerable to cyber attacks due to poor security is more likely to be targeted by cybercriminals, and therefore will end up claiming on its cyber security insurance more frequently – or at least that’s what the insurer may assume.

This high risk profile may drive premiums up to the level of unaffordability. 

At the same time, insurance companies are starting to demand that comprehensive cybersecurity planning and response protocols are in place before even ensuring a customer.

  • 53% of businesses surveyed by Sophos indicated that they are seeking cybercrime insurance this fiscal year.
  • Of these respondents, 98% have implemented some form of cybersecurity upgrade to improve their chances of approval and favourable premiums.
  • An overwhelming majority of respondents said that their enhanced security measures had resulted in successful insurance outcomes, underpinning the effectiveness of this approach.

The main take away from the current developments in the cybersecurity sector is that it’s no longer a case of either insuring your business against the eventuality of a cyberattack or preventing one with advanced security measures, but rather that it’s necessary to do both.

Why a holistic approach is needed to combat cybercrime

Before obtaining cybercrime insurance cover for your business, an excellent strategy is to have all the necessary cybersecurity protections like firewalls, antivirus software, and multi factor authentication in place. 

Among these, obtaining secure cloud storage is one of the most crucial steps that any business can take to increase its chances of recovery in the wake of a cyberattack.

Our range of secure cloud storage solutions for businesses of all sizes are built on a powerful backbone of immutable storage, which is almost impossible to corrupt. Browse our range of packages today to enjoy the peace of mind that comes with having your data fully secured.

Apple Spotlight Shifts – AI

Apple spotlight shifts from cars to robots

Apple pushes robotics as its car business moves off the table

Apple may be famous for its $200 billion a year iPhone lineup but the company has recently shifted gears when it comes to R & D, with its sights firmly set on the robotics sector.

As tech giants try to find new avenues for growth at a time when competition has become fierce on their traditional terrain, should we expect to see innovative new robots bearing the apple logo soon? 

Here’s the latest scoop on what Apple has been experimenting with, and what the implications might be for the cybersecurity sector. 

The evolution of Apple from desktop computer manufacturer to a laptop maker, and most recently the creator of the iPhone and iPad, a trio of Portable devices that revolutionised the way we communicate for work and pleasure, is legendary. 

These innovations have propelled the company to ever increasing heights in terms of revenue and market valuation, with the company now worth $2.8 trillion – an amount almost equal to the GDP of France. 

However, with major competition from rivals like Samsung and critics pointing out that the latest iPhone contains very few essential upgrades and is more an exercise in aesthetics, the company is seeking new avenues of growth.

Several years ago, Apple impressed investors and financial journalists when it announced an ambitious smart car project to rival Tesla. Unfortunately, this seems to be stuck in first gear with no realistic timeline for a viable product offering. 

Instead, Apple appears to be investigating the potential of robotics – presumably with AI integration.

Like every piece of information about Apple’s, future activities, reports of its robotics research are mainly obtained through leaks and a fair amount of industry gossip. Word from Silicone Valley is that the manufacturer is developing two main prototypes:

  • A consumer robotics product with full integration to the companies of the devices.
  • A possible rival for the Roomba vacuum – which to date has been the most successful robotic home consumer product produced despite being in its 20th year. 

Whatever these early prototypes end up becoming, it’s clear that smart devices are a major focus for big tech – and that poses a cybersecurity threat all by itself. 

The impact of consumer robotics on cybersecurity

As the Internet of things continues to develop, electronic devices other than computers and mobile phones, that are both connected to the internet and sync with our other devices, are becoming the norm. 

Given that we live at a time when cybercriminals have managed to carry out daring hacking attempts – even using the water monitor in a casino’s fish tank – the potential for denial of service attacks and takeover attempts on household robotic items could be huge.

  • Apple has generally been good at securing the privacy and personal data of its users, but as hacking attempts become more sophisticated, there’s no telling what cybercriminals could pull off. 
  • Rather than placing the blame or expectation of safety on a single manufacturer, internet users should carefully consider what risks they are taking when they buy and use sophisticated consumer products.

As a general rule, if your device sends and receives data, that data needs to be backed up – and that’s where secure cloud storage comes in.

Our range of cloud storage solutions for businesses and households is the ideal place to start when securing your crucial data. Browse our range of packages today to get started,

Cybersecurity Readiness – Cybersecurity

Benchmarking your company’s cybersecurity readiness

South Africa is still under major threat of cyberattacks, with high profile companies and government departments falling prey to ransomware and other online threats on a continuous basis. 

You may have heard a first-hand account of a company having its data taken hostage, and some of the stories have certainly made headlines over the past two years, but now there’s further support for this trend from a major cybersecurity survey.

Cisco’s 2024 cybersecurity readiness report was released recently and to sum up: we aren’t ready.

Cisco, which is one of the world’s foremost productivity software and cybersecurity app providers compiles an annual report based on industry surveys of IT managers and cybersecurity experts to gauge a country’s readiness for online attacks.

For the 2024 report, Cisco analysed the five pillars of cyber security readiness and asked company representatives how well they have prepared for them.

Let’s take a look at each factor to understand exactly what it entails

  • Identity intelligence. This measures how effective a company’s authorised user identification systems are and how easy it might be for cybercriminals to impersonate an employee or steal their credentials.
  • Network resilience. This factor assesses how easily a cybercriminal could gain access to your network remotely due to inadequate security measures.
  • Machine trustworthiness. This is a measure of how effective your cybersecurity system is at the machine level, which is especially important in the age of “bring your own device” or BYOD.
  • Cloud reinforcements. This is an assessment of the sophistication of your cloud backup technology, which provides the ultimate layer of data theft protection.
  • AI fortification. This measure – which was introduced recently – assesses the extent of AI deployment in companies and also whether they are resistant to AI enabled cybercrime attempts.

Most SA companies expect a cyberattack, but few are ready

The South African IT managers and cybersecurity experts surveyed by Cisco overwhelmingly expect to have to deal with a cyberattack in the next year, with 73% of companies, indicating that this is the case.

Unfortunately, only 5% of local businesses have reached the mature stage of cybersecurity readiness measured by the report, indicating that the majority of companies would not be able to cope well in the aftermath of a cyberattack.

Considering how the number of cyberattacks in South Africa keeps increasing and the relatively low level of readiness found at most companies, one of the most effective ways you can increase your own preparedness is  by investing in secure cloud storage with immutable encryption.

Our range of cloud storage solutions with automated backup are suitable for companies of all sizes and can scale up in line with your business requirements. Browse our range of packages and raise your readiness level instantly today. 

Browser File Upload Threats – Cybercrime

Are your file uploads opening the door to hackers?

One of the most basic rules of cybersecurity is “be careful what you download”, but now there’s a new risk for computer users: dangerous uploads.

As browsers become more sophisticated, encrypted uploads are taking place in applications like Chrome – and true to form, cybercriminals are finding ways to exploit this movement of data to put critical company and personal files at risk.

Let’s explore the technical aspects making it possible for criminals to intercept uploads and go over some safety protocols that businesses can implement to protect their files.

Hackers exploit sophisticated browsers like Chrome

If you’ve been using the Internet longer than 10 years, you probably remember how primitive the first web browsers were. We’ve come a long way since Netscape Navigator – with the latest version of Chrome featuring automatic translation, productivity tools, and upload functionalities.

But it’s this last feature that’s presenting a problem to cybersecurity experts now as hackers exploit File System Access Application Programming Interface technology – or API – to steal data.

  • File system API is a type of code that allows web browsers like Chrome and Microsoft Edge to access the internal files on your computer.
  • This allows you to upload files more easily but is also resulting in interception by cyber criminals.

Unknowingly, internet users could find themselves becoming victims of ransomware as hackers intercept their uploads and gain access to important company files. A simple photo upload for editing using a friendly looking online editing tool can enable access for a hacker to your files and subfolders.

Given that more than 60% of the internet uses Chrome, that equates to several billion potential victims across the world.

Apple Safari users may not need to worry about this specific threat – or not yet anyway – but the popularity of Windows computers in many workplaces around South Africa means that a fair chunk of local businesses may be susceptible to this type of attack.

As with many cybersecurity issues, companies that aren’t aware of the threat and continue to use Chrome for uploads on a “business as usual basis” may be the worst affected.

Is it time to call a ban on uploads?

The best approach that companies can take is to prohibit uploads as a matter of policy while educating employees about the risks of uploading files online.

This is an essential first step which will help to increase compliance and boost data security overall.

Encrypted backup applications and file storage systems like Google Drive may be exceptions to the rule, with tightly controlled access privileges being standard practice.

Secure cloud storage has never been more important

The ongoing risk of cyberattacks highlights the need for secure cloud storage in every organisation.

Our range of encrypted backup solutions for companies of all sizes provide a turnkey solution that can help to ensure reliable data protection for your business.