Eswatini is facing an alarming surge in cybercrime cases, with Mobile Wallet Fraud, locally known as facata scams, topping the list of reported incidents.
These scams predominantly target the elderly, tricking victims into revealing personal or financial information. Other major offences include phishing, where unsuspecting users are lured into clicking on malicious links or attachments, as well as cyberbullying and cyber-harassment, which continue to affect many children and young people.
According to Eswatini Communications Commission (ESCCOM) Chief Executive, Mvilawemphi Dlamini, the growing use of digital platforms in everyday life has exposed Emaswati to a wide range of cyber threats.
“Every day, digital media use increases our exposure to risks such as phishing, malware, identity theft, fake websites and social engineering,” Dlamini warned. “Many online offers that seem too good to be true often are.”
He added that these threats can cause severe consequences from financial losses and data breaches to privacy violations and organisational disruptions. In workplaces, a single compromised employee account can open the door to widespread cyberattacks, leading to reputational damage, operational downtime and even regulatory penalties.
Stay Vigilant Online
Dlamini emphasised that good cybersecurity habits are the best line of defence. Emaswati are urged to remain cautious when browsing, downloading, or responding to online messages.
ESCCOM continues to advise the public to avoid clicking on suspicious links or opening emails from unknown senders. Key red flags include:
– Emails or messages with poor grammar or unusual punctuation
– Spelling variations in familiar email addresses (e.g. info@escc0m.org.sz instead of info@esccom.org.sz)
– Websites that do not begin with “https://”
– Messages that promise unrealistic rewards or demand urgent action, such as service termination or account suspension
Any message or link requesting your PIN or login details should be treated as malicious, as it may expose you and your organisation to cybercriminals.
Public Wi-Fi: Convenient but Risky.
While public Wi-Fi is often free and accessible, Dlamini cautioned that some networks are intentionally created by hackers to steal sensitive information or gain unauthorised access to accounts.
“Always connect to networks that are publicly advertised by reputable establishments,” he said. “Even then, avoid logging into banking apps or work systems that carry confidential data.”
He recommended the use of a Virtual Private Network (VPN) when connecting to public Wi-Fi.
“A VPN encrypts your data, preventing it from being intercepted by malicious actors. Always choose reputable preferably paid VPN services,” he advised.
Enhancing Protection with Multi-Factor Authentication
To further strengthen digital security, Dlamini encouraged the use of Multi-Factor Authentication (MFA), which adds an additional layer of protection beyond passwords.
“Even if someone steals your password, they cannot access your account without the secondary verification step, such as a code sent to your phone or email,” he explained.
MFA not only protects individuals but also helps organisations comply with data protection standards, reducing the risk of costly breaches and reputational damage. The strongest security setups combine three factors:
– Something you know – a password or PIN
– Something you have – a phone or security token
– Something you are – a fingerprint or facial recognition
AI and Cybercrime: The Double-Edged Sword
Emerging technologies such as Artificial Intelligence (AI) and Machine Learning (ML) are transforming the cybersecurity landscape. Dlamini described them as “two sides of the same coin.”
On one hand, AI enhances fraud detection, automates incident responses, and improves threat monitoring. On the other, cybercriminals are using these same tools to create sophisticated phishing attacks that are increasingly difficult to detect.
Data Protection and Privacy
As Eswatini moves deeper into the digital era, organisations are reminded to prioritise data privacy, transparency, and trust. Under the Data Protection Act of 2022, individuals known as data subjects have the right to know how their personal information is collected, used, and shared.
Organisations are legally required to ensure that data is handled lawfully, fairly, and securely, protecting it from unauthorised access or misuse. Compliance with the Act is not just a legal duty but a critical component of maintaining public trust in the digital space.
Dlamini urged all Emaswati to remain alert and responsible when online.
“Cybersecurity is not just a technical issue, it is a shared responsibility. By practising safe online habits, we can protect ourselves, our families and our nation’s digital future.”
