Exploring Cyber Fraud within the South African Cybersecurity Legal Framework


  • Murdoch Watney University of Johannesburg




All countries are globally struggling with the challenges cybercrime presents to the cybersecurity legal framework. Fraud is not a new crime and existed long before the internet. The internet provides a threat actor access to a lot of potential victims and the use of various threat vectors to gain access to personal information by means of social engineering. It is therefore not surprising that cyber fraud has become a serious threat which continues to escalate globally. In 2021, around $100 million was lost in Canada due to online fraud. The United Kingdom (UK) Finance indicated that cyber fraud costs consumers more than £1.2 billion in 2022. The South African (SA) Fraud Prevention Services noted a 356% surge in identity fraud between April 2022 and April 2023. The cybersecurity threat landscape is ever-evolving with the UK Finance warning that the number of cyber frauds could surge out of control as threat actors begin to incorporate the use of Artificial intelligence (AI) to make their operations far more sophisticated and not as easily detected. In 2023 the United States (US) also warned that the irresponsible use of AI could exacerbate societal harms such as fraud. Cyber fraud, also referred to as a “white collar” or commercial crime, is an umbrella term to describe the commission of different types of cyber fraud by means of the use of various threat vectors. The threat vector used to commit the different type of fraud is continuously evolving, such as the use of sophisticated phishing to quishing and deep fakes which are aimed at deceiving the recipient in sharing information. The information obtained from a data breach may be used to commit cyber fraud. Irrespective of the threat vector used to commit fraud, all types of fraud present with the same elements, namely a threat actor who unlawfully and intentionally deceives a victim to benefit and cause harm. The discussion focuses on cyber fraud in general and not a specific type of cyber fraud. The purpose of the discussion is to provide an overview of the challenges cyber fraud present to the South African cybersecurity legal landscape.