Cybercrime incidents are on the rise and authorities warn citizens to be alert! With 70% of South African citizens falling prey to cybercrime, a recent shocking case involving the President falling victim to this scourge underscores the growing digital threat facing the nation. A 37-year-old man, Scebi Thabiso Nene, was convicted on 23 May 2025 in the Pietermaritzburg Regional Court for multiple contraventions of the Cybercrimes Act after he created and disseminated manipulated “pornographic” images of President Cyril
Ramaphosa, former Police Minister Bheki Cele and his wife Thembeka Ngcobo as well as and the former National Police Commissioner Khehla Sithole.
Cybercrime chaos in SA
In a stark reminder of South Africa’s digital vulnerability, 70% of the country’s population has been victimized by cybercrime—a staggering figure compared to the global average of 50%. This was revealed this week by Rick Crouch and Associates, a leading Private Investigations Company that specializes in incidences involving cybercrime.
President victim of cybercrime
Between September 2022 and May 2023, Scebi Thabiso Nene downloaded images of these public figures and superimposed their faces onto pornographic images. A Hawks spokesperson, Brigadier Thandi Mbambo said: “The manipulated content was then disseminated on social media platforms, creating false and scandalous impressions of the victims.” Nene manipulated these images by superimposing their faces onto pornographic content and subsequently distributed the altered images via WhatsApp and official Presidency email channels.
The case was brought to the attention of the Hawks’ Serious Organized Crime Investigation Unit in Gauteng. Nene was eventually tracked down and arrested in Pietermaritzburg, KwaZulu-Natal. Following an initial appearance in the Pretoria Magistrates’ Court, the case was transferred to the Pietermaritzburg Regional Court.
Suspect gets sentenced
The court sentenced Nene to five years imprisonment for cyber forgery, and three years for cyber uttering and the disclosure of intimate images. The sentences will run concurrently, and Nene will serve an effective five years behind bars. The grotesque nature of Nene’s actions stunned the nation and highlighted the terrifying ease with which digital tools can be used to destroy reputations.
It will never happen to me
While Nene’s incarceration may bring a temporary sense of justice, the broader issue of cybercrime in South Africa is far from resolved. According to cybercrime specialists, Rick Crouch and Associates, the scale of the problem is immense. Crouch explained that in South Africa, 70% of people had fallen victim to cybercrime and other risky behaviour, compared to 50% globally. “In addition, smartphone users have been victims of cybercrime, which is costing the country over R5-billion,” said Crouch.
Billions of rand lost
Crouch said that they found that 47% of South African smartphone users had also experienced mobile cybercrime in the past 12 months, compared to 38% globally. “The economic impact is equally worrying, with cybercrime costing South Africa the equivalent of 0.14% of its GDP—roughly R5.8 billion per year,” added Crouch. Crouch stressed that while cybercrime is a global plague, South Africans were particularly vulnerable.
Easy targets lax security
“In South Africa, we have become a target of cybercrime because these criminals not only know that our law enforcement agencies are not equipped to detect and fight cybercrime, but they also know that we are very lax when it comes to securing our devices and have that ‘it will never happen to me’ attitude,” warned Crouch. Cybercrime encompasses a wide range of malicious activities involving computers, networks, and smartphones—from phishing scams and identity theft to cyberbullying and revenge porn. As digital threats continue to escalate, Crouch warned that without a nationwide shift in awareness and investment in cybersecurity infrastructure, more South Africans will find themselves victims of a crime they never saw coming.
Top online crimes in SA
- Ransomware (new kid on the block)
- Romance scams
- Sextortion
- Hacking
- Identity theft
- Phishing scams
- Electronic funds transfer fraud
- Online child sexual abuse (child porn)
- Cyber-bullying
- Cyber impersonation
- Social Media profile cloning
Rick Crouch & Associates Unveil Insights
Ransomware typically propagates as a trojan, entering a system through, for example, a downloaded file or a vulnerability in a network service.
The program then runs a payload. The most sophisticated payloads encrypt files, with many using strong encryption to encrypt the victim’s files in such a way that only the malware author has the needed decryption key. The contents of your computer are systematically encrypted. Every file, image and document on your computer is encrypted. An image then flashes up on your screen telling you that your computer has been hijacked and all your data has been encrypted. They go on to say that should you want to get your data back you will have to pay them a certain amount and they will then send you the decryption code.
We also advise people against paying the money because more often than not the hijacker does not send the code.
Rick Crouch & Associates
They usually ask for the payment to be made by Bitcoin so that they cannot be tracked. Your computer cannot be decrypted without the key, so do not let the local computer store tell you that it can. Your only recourse is to reformat, reinstall and restore from your backup.
The Cybercrimes Act in South Africa, officially titled the Cybercrimes Act No. 19 of 2020, is a law that came into effect on 1 December 2021 (with certain sections later enforced in phases). It consolidates and updates laws dealing with cybercrime and criminalizes various online offenses.
To criminalize cyber-related offenses, such as hacking, identity theft, and revenge porn.
To provide a legal framework for the investigation, prosecution, and prevention of cybercrime. To address the sharing of harmful content online. To facilitate cooperation between South Africa and other countries in the fight against cybercrime.
Unlawful Access: Gaining access to a computer system or data without permission (hacking).
Unlawful Interception: Intercepting data transmissions without authorization.
Interference with Data or Systems: Deleting, altering, or damaging data or disrupting systems.
Cyber Fraud: Using false information online to deceive or defraud.
Cyber Forgery and Uttering: Creating or using false digital documents.
Cyber Extortion: Threatening to share harmful data unless a demand is met.
Malicious Communications: Sending messages that are: Harmful (e.g., threats of violence), Discriminatory (based on race, gender, etc.), Distributing intimate images (i.e., revenge porn) without consent.
The South African Police Service (SAPS) is authorized to investigate cybercrimes. Internet Service Providers (ISPs) may be required to assist in investigations or remove illegal content. The law also applies to crimes committed outside South Africa, if they affect people or systems inside the country.
Penalties vary depending on the offense, but can include: Fines of up to R500,000 or more Imprisonment for up to 15 years, or both.
Posting a nude image of someone online without their consent can lead to prosecution.
Accessing someone’s private emails without permission is now a criminal offense.
Sending threats via WhatsApp or social media may fall under malicious communication.
