Cybercriminals are now targeting weak physical points as in-person trade rises to pre-Covid-19 levels. This is according to The Visa Global Risk Investigations report which indicates that hackers focused on e-commerce at the height of the pandemic, but now they are shifting to in-person attacks.
Card-related threats such as physical skimming on ATMs and point-of-sale terminals jumped 176 percent during the one year to December 202, says the report released on Tuesday.
“As in-person commerce returns to pre-pandemic levels, crooks are back to exploiting the physical points of vulnerability in stores, while continuing to capitalise on e-commerce through malware, ransomware and phishing attacks, among others,” said Visa Chief Risk Officer, Paul Fabara.
Digital commerce, which hit unprecedented levels when the p world was wrestling with the ghosts of the pandemic still remains the main target by online criminals.
“The Covid-19 pandemic gave a boost to digital money movement, from online purchases to contactless payments and smartphone wallets, as consumers worldwide sought to shop without touching anything or going anywhere,” notes the survey of global business done by the MIT Technology Review Insights.
About three-quarters of fraud and data breach cases examined by the Visa team involved e-commerce merchants, with most of the attacks relating to social engineering and ransomware.
Cyber-attacks targeting Kenya’s financial systems, including mobile banking, rose nearly three-fold to 444 million in the year ending June 2022 from 158 million in a similar period last year.
The country’s increasingly digitised economy buoyed by deep penetration of handheld devices that link mobile money through telcos and banks, has exposed Kenya as a highly prone target for online fraud, with banks losing hundreds of millions annually.
There were over 200 million cases of malware attacks, which accounted for the majority of cyber hacks in Kenya during the period ending June, the most prevalent form being Ransomware.
Financial malware includes viruses that are designed and developed to retrieve financial information and pinch money from individuals and firms.
The Communications Authority of Kenya (CA) issued 7.9 million advisories in the year to June 2022, up from 93,696 issued in a similar period last year in an effort to curb the rising attacks.
Widely circulated links promising free airtime, money and other products have been used in phishing attacks to collect personal data and use it to siphon cash.
CA advised users to choose applications and plug-ins carefully as most backdoors hide inside seemingly benign apps and plugins.
Kenya is set to benefit from erecting of one of Africa’s two Internet Corporation for Assigned Names and Numbers (ICANN) data centre meant to increase internet speeds and make it harder for hackers to jam networks.
The facility will provide higher bandwidth and improve data processing capacity, reducing the risk of the internet going down because of a cyber-attack.
The Visa report argues that the rising adoption of digital financial services—mobile banking, online purchasing, and peer-to-peer payments—means that these days, money most often passes not through human hands but from computer to computer.
“No cash, no plastic cards, no paper bills or checks or envelopes or stamps. Digital is no longer just another way to move money. Every organisation that moves money must meet users via computers, smartphones, and other devices, and offer rapid, secure payment services,” the report notes.