12 Sep South Africa’s banking and insurance sectors are being targeted by cyber attacks

Cybercrime is on the rise with South Africa’s banking and insurance sectors being targeted by cyber attacks, particularly via financial apps and phishing techniques.

The latest survey data from cyber defence firm EasyDMARC indicated that close to 50% of South Africa’s insurance companies are unprepared to deal with rising cases of email phishing while banks are struggling to ward off spoofing attacks. DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a technical cybersecurity standard for protecting senders and recipients of emails from attacks.

Whilst South African banks have been enjoying record net profit increases of between 95% and 224% last year, the profits have made them even more attractive to hackers. 

The EasyDMARC report stated: “Out of 35 South African insurance companies, only 18 have a DMARC policy deployed for email authentication. This means only 51.42% of insurance companies are prepared against phishing, spoofing, and spamming attacks attempted in their name.”

Of all South African banks, the survey shows that only 18 of the 38 banks using the firm’s services have put up email defences that can ward off 100% of phishing attempts. An EasyDMARC representative told Quartz that higher cybersecurity budgets alone cannot win the war against cybercrime, as attacks have become more sophisticated.

The research team explained:”While the email security budget is growing, the effort on the part of bad actors increases as well. Staying on top of cybersecurity threats demands smart strategy and thinking ahead.”

Insurer Liberty Holdings’s shares fell by 5% after a cyber breach incidence. According to GIB Group which offers personal cyber insurance in South Africa, banking app losses increased by more than 88% in 2020 to an average loss of $820 per transaction.

According to a 2021 Interpol report, South Africa came top in Africa for cyber threats, and is third in the world, with 230 million threats detected last year. Out of these, 219 million threats were related to emails.