Cyber Fraud for SMMEs in South Africa: Practical Prevention Checklist

Cyber fraud is no longer a big-company-only problem. Small businesses are targeted because controls are often lighter and response capacity is limited.

Top Risks for SA SMEs

Business email compromise (payment instruction fraud)
Phishing links stealing credentials
WhatsApp impersonation of owners/managers
Ransomware locking files and operations
Cloud account takeover (mail, storage, accounting)

Minimum Security Baseline

MFA on email, banking, accounting tools.
Password manager and unique passwords.
Endpoint antivirus and patch updates.
Daily cloud backup + periodic offline backup.
Staff phishing awareness training quarterly.

Without MFA, all other controls are weaker.

Payment-Specific Cyber Controls

Never action payment change requests from chat apps.
Verify all unusual payment requests by voice callback.
Use payment approval thresholds with dual sign-off.
Disable shared finance logins.

Incident Response in First 60 Minutes

Isolate affected devices.
Reset compromised credentials.
Notify bank if payment risk exists.
Preserve logs/screenshots/evidence.
Inform key customers/suppliers if operations impacted.

Preparedness reduces downtime.

POPIA and Data Handling

If customer data is exposed, assess reporting obligations under POPIA and engage your information officer/legal support promptly.

Disclaimer: Cyber incidents vary by system and severity. Use qualified IT security support for containment and recovery.

Cyber Fraud for SMMEs in South Africa: Practical Prevention Checklist

Cyber fraud is no longer a big-company-only problem. Small businesses are targeted because controls are often lighter and response capacity is limited.

Top Risks for SA SMEs

Business email compromise (payment instruction fraud)
Phishing links stealing credentials
WhatsApp impersonation of owners/managers
Ransomware locking files and operations
Cloud account takeover (mail, storage, accounting)

Minimum Security Baseline

MFA on email, banking, accounting tools.
Password manager and unique passwords.
Endpoint antivirus and patch updates.
Daily cloud backup + periodic offline backup.
Staff phishing awareness training quarterly.

Without MFA, all other controls are weaker.

Payment-Specific Cyber Controls

Never action payment change requests from chat apps.
Verify all unusual payment requests by voice callback.
Use payment approval thresholds with dual sign-off.
Disable shared finance logins.

Incident Response in First 60 Minutes

Isolate affected devices.
Reset compromised credentials.
Notify bank if payment risk exists.
Preserve logs/screenshots/evidence.
Inform key customers/suppliers if operations impacted.

Preparedness reduces downtime.

POPIA and Data Handling

If customer data is exposed, assess reporting obligations under POPIA and engage your information officer/legal support promptly.

Disclaimer: Cyber incidents vary by system and severity. Use qualified IT security support for containment and recovery.

Theft prevention

Cyber Fraud for SMMEs in South Africa: Practical Prevention Checklist

Top Risks for SA SMEs

Minimum Security Baseline

Payment-Specific Cyber Controls

Incident Response in First 60 Minutes

POPIA and Data Handling

Theft prevention

Cyber Fraud for SMMEs in South Africa: Practical Prevention Checklist

Top Risks for SA SMEs

Minimum Security Baseline

Payment-Specific Cyber Controls

Incident Response in First 60 Minutes

POPIA and Data Handling