“Cyber Attack: An attack, via cyberspace, targeting an enterprise’s use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information.” (CSRC – Computer Security Resource Center)
South African businesses, already facing significant risk of cyberattacks, have been warned to step up their cybersecurity, as the festive season is expected to bring significantly more and increasingly sophisticated cyberattacks. Some of the common types of cyberattack are listed below.
SARS: a favourite cyberattack ruse
SARS says that there is a steady increase in scams and attacks in which the SARS brand is abused, via the Internet, emails, spoofed websites, SMSes, unsolicited telephone calls and even social networking sites such as Facebook, Twitter and others.
A firm criminal favourite is the phishing scam involving false “spoofed” emails made to look as if they were sent by SARS. These fraudulent emails contain links to fake forms and malicious websites that purport to be authentic, and they lure unsuspecting taxpayers into disclosing private and confidential information such as bank account details. Examples include emails that appear to be from “returns@sars.co.za” or “refunds@sars.co.za” indicating that taxpayers are eligible to receive tax refunds.
The latest scams involve smishing, which is phishing via SMSes, and vishing, which most recently involves taxpayers being called by a person purporting to be a SARS employee to inform them that SARS owes them money.
Another common cyberattack approach involves refund scams in which identity thieves use a legitimate taxpayer’s identity to file a tax return and claim a refund fraudulently. Yet another threat involves cybercriminals using personal or company information to change the banking details on the taxpayers’ SARS profiles.
A further version involves criminals purporting to be SARS auditors or employees contacting businesses using all the means described above to inform taxpayers that they are under investigation and that an audit will be conducted.
SARS Tips for Improved Cybersecurity
Speak to your accountant first!
It is easy for criminals to dupe unsuspecting taxpayers, and yet, at the same time, taxpayers should never simply dismiss or ignore a notice or demand from SARS as a scam.
The best line of defence against cyberattacks that misuse the SARS brand is to get advice before taking any action. If you doubt the legitimacy of a particular communication or believe you have been contacted by a fake SARS representative, immediately contact your accountant, who will be able to verify the communication or report suspicious activity for you.
This will ensure that you never fail to respond timeously and correctly to legitimate SARS communications, while also safeguarding you from becoming a victim of a cyberattack, especially during the upcoming festive season which promises to be a busy one for cybercriminals.
Suspicious activity using the SARS brand can be reported by filling in the suspicious-activity report form on SARS’ website, sending an email to firstname.lastname@example.org or contacting the Anti-Corruption and Fraud Hotline on 0800 00 2870.
You can also call the Contact Centre on 012 422 7435 to confirm a SARS official is in fact an employee or visit a SARS branch to verify the information.