African countries, including Botswana, Kenya, and South Africa, were surveyed in 2019 to determine their preparedness to face threats from cybercrime by KnowBe4, an international security awareness training company.
The study found that 53% of all Africans surveyed think that trusting emails from people they know is good enough to preclude them from security threats. 28% have fallen for phishing email scams before and 50% have claimed to have had malware infections. 52% of Africans surveyed don’t know what multi-factor authentication is and 64% don’t know what ransomware is, yet 55% believe they can easily identify a security threat.
KnowBe4 says that the data suggests that Africans are vulnerable from cyber threats – they are vulnerable because they are not aware of what they do not know. Africans mistakenly think they are prepared and knowledgeable about malware and security issues.
Across the entire study, South Africans and Kenyans were seen to be the most concerned about threat from cybercrime, around 74% and 75% respectively, yet respondents from these countries say they are comfortable giving away their personal information as long as they know what it is being used for (South Africans 57% and Kenyans 26.59%).
“It’s a worrying trend – many phishing scams will use any means necessary to tease out valuable nuggets of personal information and phone calls or emails from so-called ‘trusted sources’ are among the most common methods used,” says KnowBe4.
The problem is that most users are not aware of how cybercriminals operate and the tools that they use, and while the majority of Africans feel secure in that they can see an attack coming, over half of South African respondents claimed that they have had a virus infection on their PC – 67% in Kenya, Ghana, and Egypt.
More than 50% of respondents are not aware of what multi-factor authentication is – a method in which you access certain apps through a few different methods, such as accessing a banking app with a password and then a randomly generated PIN number sent to your email address – this is often known as a one-time password or OTP.
In Africa, the most successful attack vector of successful data breaches continues to be Phishing, where emails containing malware in the form of a file or document is opened, exposing the malware to your systems. In South Africa, more than half of the respondents (52%) trust emails from people they know, while only 49.5% don’t open attachments they do not expect. Cybercriminals could be masquerading as someone you know to access your information.
Myths like checking for bad grammar and spelling to decide if an email is a threat or not are also causing many Africans to fall to the whims of sophisticated cybercriminals. KnowBe4 concludes by saying “…it turns out that yes, Africa has been phished and will continue to fall prey to this insidious attack unless they recognise the need for training and a deeper understanding of security threats.”
An earlier study conducted by Kaspersky found that dating apps are the places in which people fall for security threats most often in Africa.
Edited by Luis Monzon
Follow Luis Monzon on Twitter
Follow IT News Africa on Twitter