Cyber security awareness in Africa, despite its mobile connectivity-driven economy, is low, with less than 30% of respondents to a recent survey being 'very concerned' about cyber crime.
This is according to the KnowBe4 2023 African Cyberthreat Report, conducted across Botswana, Egypt, Ghana, Kenya, Morocco, Mauritius, Nigeria and South Africa.
The report revealed that one out of every three employees is likely to click on a suspicious link or e-mail, or even comply with a fraudulent request.
So in a landscape dominated by mobile transactions and connections, the risk of crypto scams, social engineering attacks, ransomware and phishing remains consistently high.
“Digital device use, digital skills and connectivity were a priority for the survey to fully understand how devices are used, the perception of risk, and the applications most used on these devices,” says Anna Collard, SVP of content strategy & evangelist at KnowBe4 Africa.
“It found that WhatsApp is used extensively in Africa for work, more so than in other developed countries, and yet there is a lack of corporate advice and awareness around the risks.”
Distractions and multitasking
The report highlights that African businesses and internet users remain uninformed about how to mitigate cyber threats, which leaves them vulnerable.
It found that lack of awareness or training (52%) and distractions and multitasking (38%) are the main reasons for employees making security mistakes.
Furthermore, 43% of respondents were unable to correctly identify common cyber security threats such as ransomware.
People are still too quick to click on links or attachments from people or brands they think they know.
Anna Collard, SVP Content Strategy & Evangelist at KnowBe4 Africa.
The majority (60%) understand what two-factor authentication is and 62% could identify a good password. However, alarmingly, 20% considered “P@$$word!” to be a secure password.
“It was also important to understand how people experienced different types of cyber crime,” says Collard. “The research found that 34% believed they could recognise a security incident if they saw one. In spite of this confidence, 26% admitted to clicking on a phishing e-mail, 51% have had a virus infection, and 32% have lost money to a scam or con artist. People are still too quick to click on links or attachments from people or brands they think they know.”
Collard underlines the significance of crypt scams in Africa.
“What surprised me was the extent to which crypto scams are prevalent among African consumers (or at least amongst the participants in our surveys). As many as 36% said they had fallen victim to a crypto scam, and 57% knew people who had been victims of such scams.”
Collard is concerned about the potential effectiveness of new threats from emerging technologies such as deep fakes being used in political misinformation campaigns or just in plain fraud, such as business email compromise (BEC) attacks with phone phishing (vishing).
A total of 36% of the respondents would believe the video messages showing someone of influence in a compromising situation, with 13% of them saying that video was impossible to fake.
Says Collard: “More public awareness and training in schools is needed to educate African people about the importance of critically questioning any form of media or digital content.”
Share