COVID-19: Cybersafe Foundation unveils project to equip digitally vulnerable groups, SMEs

  • Secures UK Government’s funding through the Prosperity Fund’s Digital Access Programme
  •  KnowBe4 Africa, CSEAN, others’ supports   

CyberSafe Foundation, one of Nigeria’s foremost non-governmental organization in the information security domain, has unveiled plans to equip digitally vulnerable groups and 1500 SMEs with the knowledge and skills required to identify, protect, detect, defend and respond to COVID-19 instigated cyber threats, enabling a safe digital community.

CyberSafe Foundation which is on a mission to facilitate pockets of changes that ensure a safer internet for everyone with digital access and resident in Nigeria has secured funding from the UK Government’s Digital Access Programme. In addition, CyberSafe Foundation has secured support from KnowBe4 Africa, CyberSecurity Experts Association of Nigeria (CSEAN), and other experts to ensure the program tagged ‘Safe Digital Community During COVID-19’ project is achieved.

“Without an iota of doubt, the COVID-19 global pandemic has created an atmosphere of chaos, confusion and fear, a perfect backdrop for malicious actors to carry out a range of attack types. A particularly vulnerable group is the Small and Medium Size Businesses, many of whom do not have technology, people, or processes in place to detect or defend against cyberattacks. This project will provide the much-needed free upskilling training for employees of beneficiary SMEs by cybersecurity experts” said the Founder/Executive Director, CyberSafe Foundation, Confidence Staveley.

Staveley further disclosed that the volunteer faculty team consists of highly experienced and exceptional cybersecurity leaders based in Nigeria, United Kingdom, Canada, United Arab Emirates, United States of America, Cayman Islands and South Africa.

“Beneficiary SMEs will cut across all parts of Nigeria and business sectors, including underserved communities in the Northern part of the country and Healthcare organizations”, she said. 

Continuing, she said, “Learning will be delivered online as a combination of bi-weekly live training sessions and self-paced learning materials consumed via our learning management system.

SMEs will register to be part of the free virtual training which begins 9th October 2020. www.learn.cybersafefoundation.org.

“Individuals are also targeted by cybercriminals with COVID-19 themed attacks like; relief packages scams, impersonation of trusted organizations; resulting in theft of confidential information and money from unwary victims.

“As we continue to work tirelessly to improve cyber safety in Nigeria, especially for the most vulnerable in our society, this program presents a means to reduce the success rate of cyberattacks by raising mass awareness of COVID-19 themed cyber threats. We will leverage entertainment as a vehicle to propagate safe cyber hygiene best practices to millions of people resident in Nigeria”, she said.

“The “Safe Digital Community during COVID-19 Project” is part of UK’s cyber risk mitigation support to Nigeria’s COVID-19 response.  This project demonstrates the UK Government’s continued support for Nigeria and its digital sector, recognizing the tech ecosystem’s role in inclusive growth and development.” said the Idongesit Udoh UK Government’s Head of Digital Access Programme and Country Adviser.

“We are excited about this project and the impact it will have in enhancing the safety of Nigeria’s digital space. It is also exciting that this project kickoff coincides with the 2020 London Tech Week, which showcases the UK as a global leader in tech.”

Commenting on the program, the President Cyber Security Experts Association of Nigeria, Remi Afon said that considering that the COVID-19 pandemic has led to a significant shift in tactics employed by cybercriminals, it has become pertinent to intensify cybersecurity awareness to ensure that individuals and businesses of all sizes can avoid falling prey to cybercriminals.

“In the wake of this reality and recognising the urgent need to address COVID-19 enabled cyber scams, the CyberSafe Foundation – CSEAN partnership aimed at delivering SDCDC-19 in Nigeria will go a long way in building the cybersecurity capacity and resilience of our target audience,” Afon said.

Registration

To register for the program follow the link:

www.learn.cybersafefoundation.org

Cybersafe Foundation appoints Dr. Peter Obadare as chairman advisory board

LAGOS; September 01, 2020 – A seasoned cybersecurity thought leader, Dr. Obadare Peter Adewale, has been appointed as the Chairman, Advisory Board of Cybersafe Foundation.

The non-governmental organization is on a mission to facilitate pockets of change that ensure a safer internet for everyone with digital access and resident in Nigeria.

In this role, Dr. Obadare will oversee the activities of the board and all sub committees as set in the Foundation’s corporate governance manual.

Dr. Obadare who doubles as the Co-Founder and Chief Operating Officer of Digital Encode Limited, is arguably the most “Credentialsed” PAN-African CyberSecurity & GRC thought leader; a Fellow of the British Computer Society (FBCS); Fellow Institute of Management Consultants (FIMC); Fellow, Institute of Information Management (FIIM); Fellow Institute of Brand Management (FIBM); Chartered Information Technology Professional (CITP); the First PECB Certified Data Protection Officer  (CDPO) in Nigeria; the First Ec-Council Licensed Penetration Tester (LPT) in Africa; First Ec-Council Certified BlockChain in Africa; second COBIT 5 Certified Assessor in Africa  Payment Card Industry Data Security Standard Qualified Security Assessor (PCI DSS QSA), amongst others.

He is a seasoned CyberSecurity Expert and GRC Technopreneur with over 50 (Fifty) international professional certifications to his credit and was awarded Honorarary Doctorate Degree in Cybersecurity from Trinity International University of Ambassadors Atlanta Georgia, United State of America.

Peter is a well-recognized subject matter expert with numerous successful engagements to his credit in Africa.

Commenting on the appointment, the Founder/Executive Director, Cybersafe Foundation, Confidence Staveley (Recepient of Top 50 Cybersecurity Women in Africa), said that as they aspire to become very successful and impactful organisation, the Foundation recognises need to tap from the knowledge, experience and insight Dr. Obadare brings, to enable them attain unprecedented new heights.

In her words, “We are excited to welcome a seasoned cybersecurity leader, Dr. Adewale as the chairman of our advisory board. His personal values such as passion, excellence, service and integrity align perfectly with that of CyberSafe Foundation.

“We believe his knowledge, experience and insight, will catalyze attainment of unprecedented heights in our pursuit to enabling a safe cyberspace for Nigeria and in extension, Africa.  There could be no better time to have such a valuable, passionate and expert leader for our advisory board”

The board is responsible for creating vision for the Foundation, articulating its values and principles, setting goals, developing effective governance policy, meeting and monitoring standards.

GTBank “GeNS Transaction Alert” Phishing Email

Cybercriminals are sending emails pretending to be from Guaranty Trust Bank. These emails come as an alert for an impending debit due to stamp duty. Below is a sample and analysis of one of such phishing emails.

  1. Spoofed Email Address

The sender’s email shows that it from the domain gtbank[.]com which is the actual domain for Guaranty Trust Bank. What this means is that the sender’s email has been spoofed. Email spoofing is the creation of an email with a forged sender address. Ultimately, the goal is to make the recipient believe that the email originated from someone other than the true source. The cybercriminals are trying to make the recipient think that this email originated from GTBank.

Note: the lesson here is that you shouldn’t trust an email simply because the sender’s address is familiar.

2. Generic Email Greeting

Notice that the email greeting is generic. Instead of addressing the recipient by name, a “Dear Customer” is used. This shows that this is not a targeted attack but rather the perpetrators are sending to a large number of people and hoping some fall for it.

3. Spoofed Clickable Link

The clickable link in the email has also been made to appear to be from GTBank. The text of the URL is ibank[.]gtbank[.]com/….. but the actual URL it leads to when clicked is something different. The destination is a look-alike of the Guaranty Trust Bank Internet banking page. The aim is to trick people into thinking they are on the real GTBank internet page and inputting their login credentials which are then sent to the cybercriminals.

If you’re on a laptop or PC, simply hovering over the link would show the destination but if you’re on a mobile device you may check the link by holding your finger down on it. Unlike a short tap on the link which would open the link, holding your finger on the link will cause a new dialogue window to pop up, showing you the destination web address without taking you there.

4. The Use of Fear and Urgency

To make recipients more likely to click the link, the cybercriminals use stamp duty charges as a pretext. The email then explicitly states that if action is not taken within 12 hours the recipient will be debited. The cybercriminals are using fear, precisely, the fear of losing money.

The use of emotions such as fear is a common tactic of cybercriminals. They do this to try to get their victims to act without thinking. Always watch out for emails that sound urgent or try to make you afraid, its a sure red flag.

5. The Use of Company Logo and Branding

Just like using the fake sender email, the use of the bank’s logo and branding is to make recipients less suspicious and enhance the legitimacy of the email.

Lesson: don’t be misled by appearances, never trust an email simply because it looks like other emails you have received in the past from the same organization.

Finally, always try to think critically and never be in a rush to take action.