TM Pick n Pay Cyber Breach is a tip of the iceberg

As the chairperson of ZICT I have been requested to unpack one of the latest cyber attack that is currently on the news headlines, “https://www.herald.co.zw/hackers-fleece-supermarket-of-22m/ “ This is now a common crime that we can stop NOW. This is probably Zimbabwe’s major cyber threat to businesses, the attack is an email-based impersonation scam or phishing. The attacking scheme involves cyber criminals mimicking business owners and executives through the use of phishing emails. In Zimbabwe we do not buy similar domains to protect the identity of our organisation. Organisations and companies should make it a priority to register domain extensions. For example, if you are OK Zimbabwe which currently uses www.okzim.co.zw they should buy www.ok.co.zw, www.ok.org, www.ok.com, www.ok.org.zw, www.ok.ac.zw NOW. The idea is to protect the identity of your company from email impersonators and fraudsters who will use it for phishing.

In the case of TM pick n Pay the domain registered was www.tmsupermarkets.com and the emails created to impersonate included the finance manager’s email address Raymond Matsetswa Raymondmatsetswa@tmsupermarkets.com Typical. In most cases fraudsters or cyber criminals typically pose as personnel in positions of authority and ask their victims to perform money transfers, pay invoices, or to send the attacker sensitive data.

Zimbabwean companies should now make it a priority to protect their businesses by registering and buying domains. Cyber criminals in Zimbabwe are now on the lookout for Zimbabwean companies that do not have a domain extension that are protected. With the .com being the most sort after domain. Criminals can buy a .com in a space of 5 minutes clone the organisation and company website so that it looks like the original website and create the emails. The cyber criminal then in turn uses phishing. Phishing is a type of online scam where criminals impersonate legitimate organizations via email, text messages, advertisements or other means in order to steal sensitive information. This is usually done by including a link that will appear to take you to the company’s website to fill in your information, but the website is a clever fake and the information you provide goes straight to the criminal behind the scam.

The intention of the cyber attacker is to trick their victims into making money transfers, or paying invoices to defraud your business. The idea may be to force you to send back sensitive data related to your business or your clients.  You innocently click on a hyperlink that will allow the cyber criminal to take over the victim’s computer and/or user credentials to facilitate fraud in what is called a Business Email Compromise (BEC) attack.

If you would like to know more on how to protect your organisation from similar scams you can contact us on +263772278161 or email jkmutisi@hansole.org or chair@zict.org.zw

Engineer Jacob Kudzayi Mutisi