PROJECT: MODERN TECHNOLOGY-FUELLED CYBER & FINANCIAL CRIME TARGETING SOUTH AFRICANS
- Isabel Spies
- Oct 2
- 5 min read
PLEASE SHARE THIS PUBLIC DOCUMENT
South Africans today are facing a surge in cyber and financial crimes powered by rapidly evolving technology—
from SIM-swapping and phishing to ransomware and AI-enabled deepfakes.
Fraudsters are sophisticated, agile, and organised.
This modern threat demands better public awareness and stronger defences.
WHO ARE TODAY'S CRIMINALS?
Organised syndicates functioning AS criminal enterprises, deploying malware, phishing kits, and running mule networks to launder stolen funds.
Cyber freelancers, selling tools like ransomware-as-a-service or phishing templates on underground markets.
Opportunistic scammers, who exploit human trust through social engineering, romance scams, or fake tech support calls.
Insiders and collaborators, including compromised telco or banking staff, enabling SIM swaps or credential theft from within.
HOW TECHNOLOGY ENABLES CRIMINALS:
PHISHING & BEC (BUSINESS EMAIL COMPROMISE):
Scammers impersonate executives, convince targets to approve fraudulent payments, or trick them into revealing credentials through fake emails and websites.
SIM-SWAP & MOBILE NUMBER TAKEOVER:
By social engineering or corrupting telco personnel, criminals hijack victims’ phone numbers—then intercept two-factor authentication codes to take over bank and social accounts.
BANKING APP FRAUD & INSTANT TRANSFERS:
Once they gain account access, attackers move money using digital wallets and instant payment rails, often withdrawing via mule networks before the account owner notices.
RANSOMWARE & PHISHING ESCALATION:
High-value targets are hit with data encryption and double extortion tactics—threatening to leak sensitive data unless a ransom is paid.
CREDENTIAL STUFFING & BOT ATTACKS:
Reused passwords from old data breaches are tested across multiple platforms, leading to account takeovers when users refill credentials across websites.
AI & DEEPFAKE SCAMS:
Realistic voice or video impersonations ("deepfakes") make scam calls and messages far more believable, increasing victims’ trust and compliance.
WHY SOUTH AFRICANS ARE ESPECIALLY VULNERABLE:
Heavy reliance on mobile and SMS-based 2-factor authentication, which is easily intercepted via SIM-swap attacks.
Rapid digital transition—more people using banking apps and instant payments, often with limited security literacy.
Social engineering effectiveness—scammers exploit fear, urgency, or goodwill to trick victims.
Cash-out networks are in place, reducing the time before stolen funds vanish.
Gaps in enforcement—criminal networks operate rapidly and across borders, often outpacing investigative capacities.
THE CRIMINAL PLAYBOOK (STEP-BY-STEP):
RECONNAISSANCE:
Harvest phone numbers or email addresses via breaches or social platforms.
WEAPONISATION:
Build phishing emails, clone banking pages, or acquire SIM-swap tools.
ACCOUNT TAKEOVER:
Use phishing, credential stuffing, or SIM-swap to gain access.
MONETISATION:
Move funds via banking apps, demand a ransom, or redirect BEC payments.
CASH-OUT:
Use mule accounts, convert to crypto, or funnel to offshore wallets.
REPEAT:
Adapt tactics and target new victims.
PROTECTION FOR INDIVIDUALS:
Avoid SMS-only MFA—use authenticator apps or hardware tokens where possible.
Secure your mobile number—contact your telco to enable porting protections or require extra verification.
Verify unexpected payment requests—don’t respond directly to suspicious emails or WhatsApp messages; call the person directly using a known number.
Stay informed—learn about phishing signs, deepfakes, and report suspicious activity immediately.
PRECAUTIONARY MEASURES FOR BUSINESSES AND ORGANISED INSTITUTIONS:
Use strong MFA that does not rely on SMS.
Segregate payments—insist on multi-level approvals and out-of-band confirmation for large transfers.
Train staff—conduct phishing simulations and embed security culture.
Maintain backups and test incident response readiness regularly.
WHAT IS BEING DONE AND WHERE GAPS REMAIN:
Industry reporting by SABRIC and banking groups helps spotlight trends and educate customers.
Coordination with INTERPOL is improving cross-border enforcement—though recovery of stolen funds remains difficult.
Telco reforms are underway but not yet uniformly enforced.
Civil awareness is growing—but wider public education and integration with SAPS reporting channels will strengthen resilience.
Modern criminals blend psychology, organisational skills, and emerging technology—
posing a high-stakes threat to both individuals and businesses.
Combatting this requires who we are (the public), what we do (train, verify, secure),
and how institutions and enforcement respond together.
Specialised Security Services remains committed to helping South Africans stay safe online.
Share this post, join our Mike Bolhuis Daily Projects WhatsApp Group, and remember—
if something does not feel right, check again.
Specialised Security Services invites the public to the Mike Bolhuis Daily Projects WhatsApp Channel.
This channel is important in delivering insights into the latest crime trends, awareness, warnings and the exposure of criminals.
How to Join the WhatsApp Channel:
1. Make sure you have the latest version of WhatsApp on your device.
2. Click on the link below to join the Mike Bolhuis Daily Projects WhatsApp Channel:
3. Follow the prompts to join the channel.
4. Make sure you click on "Follow", then click on the "bell"-icon (🔔)
CONTACT MR MIKE BOLHUIS FOR SAFETY AND SECURITY MEASURES, PROTECTION, OR AN INVESTIGATION IF NEEDED.
ALL INFORMATION RECEIVED WILL BE TREATED IN THE STRICTEST CONFIDENTIALITY AND EVERY IDENTITY WILL BE PROTECTED.
Regards,
Mike Bolhuis
Specialist Investigators into
Serious Violent, Serious Economic Crimes & Serious Cybercrimes
PSIRA Reg. 1590364/421949
Mobile: +27 82 447 6116
E-mail: mike@mikebolhuis.co.za
Fax: 086 585 4924
Follow us on Facebook to view our projects -
EXTREMELY IMPORTANT: All potential clients need to be aware that owing to the nature of our work as specialist investigators there are people who have been caught on the wrong side of the law - who are trying to discredit me - Mike Bolhuis and my organisation Specialised Security Services - to get themselves off the hook. This retaliation happens on social media and creates doubt about our integrity and ability. Doubt created on social media platforms is both unwarranted and untrue. We strongly recommend that you make up your minds concerning me and our organisation only after considering all the factual information - to the exclusion of hearsay and assumptions. Furthermore, you are welcome to address your concerns directly with me should you still be unsatisfied with your conclusions. While the internet provides a lot of valuable information, it is also a platform that distributes a lot of false information. The distribution of false information, fake news, slander and hate speech constitutes a crime that can be prosecuted by law. Your own research discretion and discernment are imperative when choosing what and what not to believe.
STANDARD RULES APPLY: Upon appointment, we require a formal mandate with detailed instructions. Please take note that should you not make use of our services – you may not under any circumstance use my name or the name of my organisation as a means to achieve whatever end.
POPI ACT 4 of 2013 South Africa: Mike Bolhuis' "Specialised Security Services" falls under Section 6 of the act. Read more here: https://mikebh.link/fntdpv
SSS TASK TEAM:
Copyright © 2015- PRESENT | Mike Bolhuis Specialised Security Services | All rights reserved.
Our mailing address is:
Mike Bolhuis Specialised Security Services
PO Box 15075 Lynn East
Pretoria, Gauteng 0039
South Africa
Add us to your address book
THIS PUBLIC DOCUMENT WAS INTENDED TO BE SHARED, PLEASE DO SO.
