Cybercrime is increasing rapidly, with Interpol reporting that almost every single scam or fraud currently being perpetrated across Africa has a related cyber crime element.

According to the 2024 edition of the Interpol Africa Cyberthreat Assessment Report, phishing emails were identified as the most common attack vector for business email compromise scams in nearly 80% of African member countries in 2023. Member countries reported that, in combination with phishing emails, perpetrators are exploiting various media as part of business email compromise (BEC) scams, including text messages, phone calls, and virtual meetings. For instance, some threat actors have joined virtual meetings as dial-in users to steal confidential corporate information. Social media and instant messaging services are also increasingly being abused to carry out reconnaissance and/or contact victims.

Regarding legal exposure to BEC scams, it is important to note that the South African Legal Framework is very clear regarding the duty of care when preventing oneself from becoming a victim of cybercrime. In the cases of Fourie v Van der Spuy and De Jongh Inc, and Others and Edward Nathan Sonnenberg Inc v Judith Mary Hawarden, the court pointed out that the party making the payment has the duty of care to verify that they are making payment into the correct account. In the case of Hawarden, there were repeated warnings of the ever-present threat of cybercrime, and one still occurred.

We need to remain aware of the ever-present threat of cybercrime and what our legal framework points out regarding becoming a victim of cybercrime and participating in cybercrime (willing or not).