OneDayOnly.co.za has reported a concerning rise in fraudulent activities, with criminals creating fake social media profiles to lure consumers with massive discounts and deals. In the second quarter of 2024, one in 10 South Africans fell victim to fraud, with phishing attacks accounting for 28% of these incidents. Phishing involves scammers impersonating reputable businesses or individuals to steal sensitive information, financial data, and passwords. OneDayOnly.co.za's brand and campaign manager, Jonathan Spencer, warned of a concerning rise in fraudulent activities, where criminals create fake social media profiles that lure consumers with enticing offers of massive discounts and deals. These profiles then direct victims to meticulously cloned websites, where they fool 53% of people into believing they are real.
Spencer said that 68.4% of financial phishing attempts in South Africa occurred through fake online stores. He added that the consequences of falling prey to these schemes could be devastating, as stolen personal information can be exploited to open bank and retail accounts or commit insurance, medical aid, and unemployment insurance fraud. In some cases, criminals impersonate victims to gain unauthorised access to bank accounts and drain funds.
Financially, the impact was severe, with 40% of people reporting that they had lost about R1,833, while 30% were defrauded of between R1,833 and R18,329. A survey by KnowBe4 revealed that nearly 40% of respondents said they had fallen for an online scam. Spencer suggested consumers protect themselves from spoofing (the creation of fake websites) and angler phishing (the impersonation of trusted sources on social media) by using free online tools like WHOIS to check the age of a website and Google’s safe browsing function to assess a website’s trustworthiness.
If businesses discover their website has been cloned, they should block the clone from accessing the original site and submit a domain takedown request, accompanied by evidence such as screenshots detailing the cloning attack. Spencer urged businesses and individuals who have fallen victim to website cloning to file a report with their local police, as offenders can face up to 15 years' imprisonment and/or a hefty fine under the Cybercrimes Act.