How One Simple Mistake Cost R150K and How You Can Avoid the Same Fate


Cape Town, South Africa – In a startling incident that highlights the ever-present threat of cyber fraud, a senior member of the National Sea Rescue Institute (NSRI), Dr. Cleeve Robertson, recently fell victim to a sophisticated phishing scam, losing R150,000 of his own funds. This proves the saying that attackers only need to succeed once, but you need to be vigilant 100% of the time.

 

This cautionary tale serves as a critical reminder for business owners to bolster their own cyber defenses.

 

Last week, while in a routine meeting with his CIO, Dr. Robertson received a call from his bank's Fraud Department. The call flagged several suspicious transactions to several online retail outlets in another town, despite the executive being in Cape Town and his bank card in his own possession. Dr. Robertson confirmed that the online transactions should be declined. Moments later, another call came in, purportedly from another individual in the bank's fraud department, asking him to verify the transaction cancellations through a one-time PIN (OTP) the bank would be sending to his phone number. Trusting the caller, who had confirmed several items of his personal information, he provided the OTP, thinking the issue was resolved. Despite these transactions being completely out of character with his account, the bank did not flag and stop them.

 

However, both he and his CIO soon felt uneasy about the sequence of events. Upon checking his bank account, they discovered the entire remaining balance was gone, totalling R150,000. This devastating incident is a stark reminder of how easily one can fall prey to cyber fraud.

 

Such scenarios are alarmingly common. Just recently, The BIG ISSUE, a publication often sold at Cape Town traffic lights, lost almost R600,000 from their business bank account in a similar phishing incident. Attackers use social engineering tricks to gather sufficient personal information to illegally access the bank accounts of individuals and businesses alike. It has been proven that it is insufficient to simply train staff once. Untrained staff without regular security testing pose a significant risk to business security and, of course, their own personal bank accounts as well.

 

How SuperShield Works:

 

In response to this incident, both the NSRI and The BIG ISSUE have signed up with SuperShield to protect their staff and digital assets from similar threats. SuperShield offers a robust cybersecurity service that performs simulated cyber attacks against staff members on a regular basis. At just R30.00 per staff member per month, it strengthens the ‘Human Shield’ and quickly changes people’s attitude towards cybersecurity.

 

After registration, the NSRI uploaded a CSV file of all staff members, and each one gets access to the course material and the online test.

 

But this is not just an ordinary training course. Importantly, the simulated phishing attempts on staff members are performed using clones of the latest online scams, keeping everybody vigilant. This helps identify employees who, despite the training, still click on dangerous links or share sensitive information. Staff members who fall for one of these simulations are marked as High Risk and must revisit the course and redo the test in order to reinstate their low-risk status. Because management at NSRI can see the results of the simulated tests on their SuperShield dashboard, it completely changes the attitude of participants when it comes to screening unsolicited emails, SMS, voice, and other communications.

 

The SuperShield management dashboard also ranks the organization against other businesses using SuperShield. This feature helps management understand their cybersecurity standing and easily identifies individuals who may be their weakest links.

 

Impressed by the effectiveness of the SuperShield program, both the NSRI and The BIG ISSUE have also become affiliates. By signing up through one of their links, you can protect your own staff and digital assets, fulfilling your company's fiduciary duty while supporting the NPO whose link you use to register.

 

To register, use either supershield.co.za/aff/NSRI or supershield.co.za/aff/BIG.
