Five ways AI is creating everyday risks for African businesses
It's evident that attackers are becoming increasingly inventive. The surge of AI-driven techniques is reshaping the global threat landscape, and Africa is no exception. The continent faces a growing tide of sophisticated fraud schemes, propelled by advancements in generative AI, deepfakes, and internal vulnerabilities. It's a clear call for businesses to rethink their strategies and stay ahead in this advancing game.
And the best place to start is by focusing on the real-world risks. During Trend Micro's recent World Tour in Johannesburg, we unpacked the tangible risks posed by AI advancements and shared actionable insights on how businesses can effectively counter these emerging challenges.
A new wave of AI-powered phishing emerges
We've all seen phishing evolve from poorly worded emails riddled with typos to messages that are polished, professional, and even translated flawlessly into multiple languages. But a more recent development is how attackers now leverage AI to scour social media posts—not just the content of posts but the rich ecosystem of interactions around them. There is a treasure trove of personalised insights that can be mined from comments and connections.
Bad actors are then capitalising on AI's ability to seamlessly craft hyper-personalised messages with astonishing precision. The tools are readily available; even platforms like ChatGPT can be leveraged to generate phishing emails that feel tailored and authentic. This doesn't require advanced coding expertise—it's a straightforward process that puts powerful capabilities into the hands of malicious actors.
The implications are striking. It raises the stakes for businesses as the social engineering pressure through phishing channels continues to intensify, demanding a more vigilant and proactive approach to cybersecurity.
Deepfakes are becoming mainstream
Synthetic media has also entered the conversation, and it's rewriting the rules of social engineering. Deepfakes, once a novelty, are now a mainstream threat. Remarkably, deepfake incidents in Africa increased sevenfold from Q2 to Q4 of 2024 due to advanced AI tools.
With just a few seconds of audio, voice cloning tools can convincingly mimic an executive's voice, enabling fraudsters to issue urgent fund transfer requests that sound all too real. And it doesn't stop there. Real-time face swaps on video platforms like WhatsApp mean that even a casual 'let's jump on a quick call' could be a trap. The line between real and fake is blurring fast, and attackers are exploiting that ambiguity with alarming precision.
Recent headline-grabbing incidents—like last year's Quantum AI investment scam that cost consumers billions—underscore just how high the stakes have become.
AI is exposing deeper gaps in data governance
One of the rising challenges businesses must contend with is the risk of data leakage, especially with tools like AI assistants entering the picture. Imagine an employee—whether inadvertently or with malicious intent—asking for sensitive information such as salary details, acquisition plans, or financial results. If the correct access restrictions are not in place, the AI might serve up restricted data that was never meant for broader access.
What we're seeing here is a classic case of AI inheriting flawed permissions—folders scattered across an organisation with access settings that are far too broad. Perhaps a folder is mistakenly set to 'accessible to everyone' when, in reality, only specific employees should have clearance. AI tools will readily surface information that should remain locked down.
It's crucial to understand that this issue isn't solely about AI; it's a reflection of deeper gaps in data governance and permissions management within organisations.
Open-source is an avenue for malicious code
Another emerging concern around AI lies in the potential for the spread of malicious code. Developers crafting AI applications often rely on open-source repositories or widely used models like Meta's LLaMA. But if these repositories contain buggy or, worse, malicious code, those vulnerabilities can creep into your applications unnoticed. It's a sobering reminder that even the tools we trust can become conduits for risk if not carefully vetted.
Hallucinations can prove catastrophic
Hallucinations are another critical consideration. These occur when AI models, particularly those hastily developed or inadequately vetted, generate information that simply isn't real. Take, for example, OpenAI's Whisper model, used for speech recognition and transcription in medical and business settings. When doctors paused during dictation, the software invented additional words seemingly out of thin air. In a medical context, this isn't just inconvenient—it's potentially catastrophic. It underscores an urgent need for robust quality assurance processes tailored to AI systems.
So, what's the path forward? It starts with visibility—broad, deep, and continuous. Understanding where and how AI is being used across your organisation is no longer optional; it's foundational. Monitor AI interactions closely. Are the prompts or responses raising red flags? That insight isn't just diagnostic—it's an opportunity to intervene, guide, and improve. At the same time, your application security processes must evolve to reflect the new AI-driven threat landscape. And if you're training models, the integrity of your data is paramount. Govern it. Protect it. Own it.
The good news is that defensive AI is outpacing offensive capabilities, thanks to significant investments in talent, tools, and innovation. Even in areas where attackers are advancing—like vulnerability discovery—defenders are using the same techniques to stay one step ahead. And with the rise of agentic AI, we're seeing a shift: more power is moving into the hands of those who protect. The future of cybersecurity isn't just about reacting faster—it's about anticipating smarter. And that future is already taking shape.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Zawya
2 hours ago
- Zawya
Nigeria's Dangote warns cheap Russian oil products threaten African refineries
LAGOS: Nigerian billionaire Aliko Dangote has warned discounted Russian petroleum products are pouring into African markets and risk undermining the continent's emerging refining industry. Dangote, who has been ramping up Africa's largest refinery - a $20 billion facility with an initial capacity of 650,000 barrels per day on the outskirts of Lagos - has struggled to secure crude supplies locally even as he aims to expand the capacity to 700,000 bpd. "We are now increasingly facing the dumping of cheap, often toxic petroleum products, some of which are blended to substandard levels that would never be allowed in Europe or North America," Dangote said at an oil conference in Abuja. He attributed this trend to Western sanctions on Russian oil, which have prompted Moscow to offer steep discounts to alternative markets, including Africa. Russia's energy ministry did not immediately respond to a request for comment. Dangote also expressed concern about the Lomé floating oil market off the coast of Togo, which is dominated by international traders. With over 2 million barrels of stored petroleum products, Lomé has become a key hub for fuel imports and Dangote warned it could undermine Africa's refining efforts. Despite Africa producing around 7 million barrels of crude oil per day, only 40% of its consumption is refined locally. The continent still imports over 120 million metric tons of refined products annually. Dangote's refinery, which began operations last year, has started exporting petrol, with exports reaching 1 million tons since June. However, he said local producers faced stiff competition from international traders who exploited regulatory gaps and inconsistent fuel standards across African countries. To protect the domestic industry, Dangote urged African governments to adopt measures employed in the United States, Canada, and Europe, such as tariffs and emissions caps. Despite Dangote's concerns, Africa remains a small market for Russian oil products compared to major buyers like Turkey and Brazil. In June, Russian diesel and gasoil exports to African countries dropped 30% from the previous month, totalling about 0.7 million tons. Morocco, Tunisia, Togo, and Egypt were among the largest importers, according to shipping data. Additionally, some vessels loaded in May with about 230,000 tons of Russian diesel had their destinations marked as "for orders," indicating that final discharge points were not declared or not yet determined. (Reporting by Isaac Anyaogu. Editing by Mark Potter)
Zawya
2 hours ago
- Zawya
Egypt quarterly current account deficit eases to $2.1bln on higher remittances
DUBAI: Egypt's current account deficit narrowed to $2.1 billion in January to March 2025 from $7.5 billion in the same period a year earlier, the central bank said on Tuesday. The central bank attributed the slimmer deficit to the increase in remittances from Egyptians working abroad, as well as a rise in the services surplus due to higher tourism revenue. Oil exports declined to $1.2 billion, from $1.4 in the year earlier, while imports of oil products rose to $4.8 from $3.4 billion. Egypt has sought to import more fuel oil and liquefied natural gas this year to meet its power demands after disruptions to gas supply led to blackouts over the last two years. Concerns over supplies increased after the pipeline supply of natural gas from Israel to Egypt decreased during Israel's air war with Iran last month. Revenues from the Suez Canal, declined to $0.8 billion in the third quarter of the country's financial year, from $1 billion the same time a year ago, as Yemeni Houthis' attacks on ships in the Red Sea continued to cause disruption. The Iran-aligned group says it attacks ships linked to Israel in support of Palestinians in Gaza. Meanwhile, Egypt's tourism revenues reached $3.8 billion, compared to $3.1 billion in the same period in 2023/24. Remittances from Egyptians working abroad increased to $9.3 billion, from $5.1 billion. The increase in remittances has helped to reduce the wider trade deficit. Foreign direct investment hit $3.8 billion, compared to $18.2 billion in the same quarter a year before. Egypt has suffered an economic crisis exacerbated by a foreign currency shortage, which forced it to undergo economic reforms under an $8 billion IMF programme that included allowing its pound to depreciate sharply last year. (Reporting by Ahmed Elimam and Tala Ramadan, Writing by Jaidaa Taha, Editing by Louise Heavens, Bernadette Baum and Barbara Lewis)
Web Release
2 hours ago
- Web Release
Tech Mahindra Joins J.P. Morgans Payments System Integrator Program to Accelerate Innovation in Payments System
: Tech Mahindra (NSE: TECHM), a leading global provider of technology consulting and digital solutions to enterprises across industries, announced it has joined J.P. Morgan Payments System Integrator Program to empower global enterprises to upgrade their payment infrastructure and deliver smarter, more personalized customer experiences. By joining the program, Tech Mahindra will bring its deep expertise in real-time payments, data reconciliation, and enterprise resource planning (ERP) implementations for global clients. With experience in over 1,800 SAP implementations, Tech Mahindra's strength in enterprise transformation, combined with J.P. Morgan Payments' robust payments infrastructure, will help businesses optimize their financial operations. Together, they will empower enterprises with near real-time tracking, enhance reporting and elevate business dashboard functionality by leveraging SAP's Generative AI and Build Process Automation innovations. Roshan Shetty, Head of BFSI & Public Sector – Americas, Tech Mahindra, said, 'Enterprises are increasingly looking to modernize complex payment infrastructures that can deliver on specific client needs. Our collaboration with J.P. Morgan Payments will enable businesses to deploy next-generation payment solutions at scale and help them drive sustainable growth while catering to evolving market needs.' As part of the program, Tech Mahindra will also support the global deployment of J.P. Morgan Payments' next-generation solutions by leveraging its strong delivery capabilities, and broad market presence across key industries and geographies. J.P. Morgan Payments combines treasury services, trade & working capital, and card and merchant services capabilities to help pay customers or employees in different currencies around the world. It processes more than $10 trillion payments daily, operating in over 160 countries and over 120 currencies. Sam Yen, Global Head of Enterprise Application Solutions at J.P. Morgan Payments, said, 'We're committed to meeting our clients' needs at every stage of their journey with our ERP solutions. This collaboration will allow us to offer clients the stability and resiliency of J.P. Morgan Payments combined with Tech Mahindra's technology expertise to help them build future-ready experiences that accelerate their business growth.' The System Integrator Program helps joint customers build comprehensive payment strategies by combining J.P. Morgan Payments solutions with expertise from professional service partners. The program is part of the J.P. Morgan Payments Partner Network, which brings together over 80 third-party relationships to help meet customer business needs for end-to-end payment experiences. Read more about Tech Mahindra's offerings through the J.P. Morgan Payments Partner Network here.
