The fraudsters have gone full circle to entice jobseekers with high salaries posted on the website. Photo/PHOTOS.COM
Online conmen have upped their game in the Kenya’s web space, creating identical websites to those of blue chip companies to swindle job seekers looking for employment through the internet.
East African Breweries Limited was this week the latest victim of cyber criminals who created a fake website, http://eabl.page4.me, with ‘new, job vacancies for accountants, brew masters, IT technicians and drivers.
EABL’s legitimate website is http://www.eabl.com and currently doesn’t have the purported vacancies.
The fraudsters have gone full circle to entice job seekers with high salaries posted on the website and asking those interested to pay a ‘refundable’ application fee of Sh5,500 via Safaricom’s money transfer service, M-Pesa.
EABL and most reputable organisations do not charge for interviews and do not give information on pay before recruitment.
“EABL will not be held liable or take responsibility for any loss or damages arising from information obtained from this website,” said EABL in a statement circulated in the local dailies.
Sources familiar with the attack say that this was the second time and the matter is now under investigation by the Criminal Investigation Department (CID), while admitting that such cases are now more prevalent than organisations can admit.
Technology experts fault lack of a specific government agency to check online activity and are calling on organisations to beef up their online security systems and monitor their cyber space.
“There is no government agency checking what is written on the websites leaving it up to consumers to use their own senses, judgment and logical reasoning skills to figure out which are real and which are fake. But sadly many people especially, the job seekers miss logical reasoning abilities when responding to such information,” said Moses Simiyu, an IT expert.
According to the Kenya Communications (Amendment) Act 2009, a hacker if convicted shall be liable to a fine not exceeding Sh300,000 or imprisonment for a term not exceeding three years, or both.
However, the Act does not capture criminals who come up with identical websites to those of an organisation, providing the fraudsters with a free license to operate.
Experts say the SIM card registration could have gone a long way in reducing crime committed using the mobile phone.
“If the government had moved to enforce the SIM card registration exercise, perhaps such conmen would not have the guts to use the mobile network to carry out their criminal activities,” said Mr Simiyu.
Increased bandwidth
Online fraudsters are taking advantage of the increased bandwidth, courtesy of the three undersea fibre optic cables, to attack and even bring down government and company websites.
Last week, the Kenya Police website landed in the hands of cyber criminals, who defaced the front page with a message dedicating their feat to Mark Zuckerberg, Facebook’s CEO and founder.
The hacker also updated the title of the page, raising the question about the safety of data held by government at a time its agencies are adopting e-government.
Others whose websites have been hacked include State House, Ministry of Finance, administration police and mobile service provider, Yu among others.
Technology experts say that companies with websites should not just stop at protecting their sites from external attacks, but also monitor created identical websites to their own, doubling their workload.
“Most of such websites contain just one or two web pages with the specific misinformation. It can even be a creation of competitors with an intention to ruin your reputation as a company,” said Colin Azavedo, director of a marketing agency Wunderman.
According to Mr Azavedo, large companies that witness lots of hits per day on their websites are the most targeted and it is important that they invest in personnel to monitor what is happening within and outside their websites.
“This will call for more investment in human resource with a specific job description of monitoring what is happening on their websites and also the fraudsters. They can also use e-mail, instant messaging, or social networks to direct users to enter details at a fake website whose look and feel are almost identical to the legitimate one,” said Mr Azavedo.
Organisations that also rarely update their websites have also been cited as potential targets.
“If you rarely update your website or check it out frequently, an online criminal could easily make a copy and use it against you,” said Mr Simiyu.
Threaten credibility
The rising cases of online insecurity now threaten the credibility of information on company’s websites, and could hurt the ongoing shift towards e-collaboration, brand building and marketing.
Social websites have been the easiest targets of cons since they can easily open a new account for their target company at little or no expense and share information as if it is coming from the said company to its group of friends or followers.
Some of the main areas Kenyans engage companies online that can easily be used by cons include promotions or specific offer about the brand or use specific applications promoted by the brand.
Should this information be false or from a fraudster’s website, then this would work against the company’s image.
Comentarios