An increase in web bookings for accommodations and tickets for the World Cup in South Africa has spurred local online users to warn about an uptick in cybercrime in the region.
Africa is currently facing an increase in phishing attacks in which criminals try to extract bank account information in order to steal money from unsuspecting bank customers. Meanwhile, South Africa is hosting the World Cup from June to July this year, with millions of people already making online bookings for tickets and accommodations.
South Africa is Africa's second-largest telecom market in terms of investment and subscription while Nigeria, Africa's largest telecom market, is ranked number three in the world in terms of cybercrime. Cybercrime in the region has further increased following the landing last year of Seacom and Teams international cables, which are starting to lower bandwidth and Internet connectivity costs.
Africa is experiencing an explosion of mobile money services as banks and mobile providers compete with customers who would otherwise not have a bank account. This has increased phishing attacks on unsuspecting customers, in efforts to lure them to fake sites and get their bank details.
The problem has been heightened by the fact that very few African countries have a legal framework for cybercrime prevention, or the skills, equipment and organisational abilities to fight cybercrime. Zambia, for example, has a computer misuse law that calls for convicted hackers to be sentenced to jail for up to 25 years, but the country has no equipment and organisational infrastructure to fight cybercrime.
"The problem is that so many people are competing for tickets to the World Cup. In the process, many of them are getting swindled through phishing and fake online promotions for tickets to the event," said Walter Tapfumanei, communication officer, Africa Agency for ICT Development.
Scammers are also using SMSes to impersonate big company officials and send messages to potential victims saying that they have won tickets to the FIFA 2010 World Cup. In other e-mail, the contact would claim to have been awarded a huge mining contract and would invite the "investor" to the country where they would meet with fake government officials.
Symantec Africa Regional Director Gordon Love said South Africa is experiencing an increase in spam and many other cybercriminal activities including government Web site defacements. As a result of increasing phishing and many other cybercrime activities in South Africa before the World Cup, Symantec has launched a special Web site where it will keep Internet users updated with related attacks and how to access and buy genuine World Cup tickets.
In its monthly report last month, Symantec cautioned Internet users to avoid clicking on suspicious links in e-mails or instant messages and never to fill out forms in messages that ask for personal or financial information or passwords.
Very few banks in Africa that provide Internet services are able to also offer security software to curb cyber-attacks. Phishing attacks aimed at bank customers feature unsolicited messages instructing users to follow a link to confirm their account information, as a way for criminals to obtain passwords and user identities.
"The Zambia police have formed a cybersecurity team in order to crack down on those involved in cybercrimes," said Ngabo Nankonde, Zambia Information and Communication Technology Authority's public relations manager. "Once arrested, the penalty is ZMK 36 million (US$8,000) or jail sentence of more than 10 years."
Generally, ignorance has been cited as the reason many people fall prey to online scams. So far, more than 100 sites selling fake tickets have been shut down by FIFA and South African authorities in a bid to stop the selling of fake World Cup tickets.