The Botswana Energy Regulatory Authority (BERA) and the Local Enterprise Authority (LEA) have become the latest targets of cyber criminals, with both organisations reporting phishing attacks this week.
A phishing attack occurs when cyber criminals send fraudulent, but genuine looking communications that appear to come from a reputable source. In many instances, the cyber criminals also set up a website that at first glance looks like the reputable source.
The attack is designed to trick users into divulging sensitive data, downloading malware, and exposing themselves or their organisations to cybercrime. On Tuesday, LEA warned its clients that it was aware of an email purporting to originate from the organisation and entitled “Payment”. Recipients of the fake email are directed to click on a link to access the “payment advice”.
Still this week, BERA said it had become aware of a phishing website, posing as the Authority which was attempting to deceive users into logging in their personal and financial information. According to BERA, the fake website mimics the Authority’s own website but its URL does not match the official www.bera.co.bw. The fake website prompts users to enter personal information such as login credentials, financial data and other sensitive information.
The latest attacks come after another parastatal, the Botswana Power Corporation, lost access to its official facebook account for more than a month, after hackers took it over. Local cyber security experts have cautioned government and parastatals to redouble their defences as hackers intensify their activities in the country.