The Covid-19 pandemic has changed the world forever. The way people think and behave is different in many ways, not just relating to their health.
Lockdowns have seen a dramatic rise in online shopping, workplaces are increasingly looking at flexible work arrangements, and online fraud is increasing too.
In the world of cybercrime, fraudsters tend to follow global trends. When it comes to Covid-19, that means a rise in pandemic fraud content, whether it be targeted at aspects of the pandemic, or its knock-on effects.
In the UK alone, authorities reported more than £34.5 million was stolen in pandemic-related scams from 2020 - 2021.
Just as fraudsters adapt to new situations, so too do fraud detection and prevention methods. This article shows just how the landscape has changed since the Covid pandemic and what anti-fraud technology you need to cope with the new normal.
How has online fraud changed due to the pandemic?
The onset of Covid-19 has been called a tremendous boon for online criminals. Cybercrime was already trending up, so it’s difficult to isolate the exact effects of the pandemic, but there are notable examples of the situation having fuelled the fire.
Analysis shows spam messages rose by an astonishing 220 percent between February and March 2020, as the pandemic took hold. The number of malicious URLs nearly tripled in that time too.
The coronavirus also spawned new scams, preying on consumer misinformation and uncertainty. Reuters reported that from March to August, covid fraud cost consumers $100 million across the United States, much of it due to stimulus relief when much of the economy was shut down. While complete data in 2021 is difficult to come across, the number of cybercrime complaints has risen every year from 2016 - 2020.
The threat of online fraud is greater than it has ever been, both for consumers and online services. Whether it is specifically related to covid-19 fraud or any other type of online scam, it’s a virtual certainty that fraudsters will target your website this year.
Are businesses more aware of fraud risk post-pandemic?
Not only has the frequency of online fraud increased since the onset of the pandemic, but the nature of fraud attempts has changed. Many of these trends were coming into focus before the pandemic but were accelerated as more individuals worked, shopped, and socialized online.
As described by Interpol, one key change in recent years is the way scammers are moving away from targeting individuals, and increasingly going after organizations - particularly large businesses and even government organizations. Fraud awareness at major online companies is high as a result. Almost 70 percent of major organizations told a Learn Bonds study that they plan to increase their spending on cybersecurity since the covid outbreak. This can be explained both by the increase in threats overall, as well as by the changing nature of workplaces following lockdowns. As many white-collar workers are now working from home indefinitely, companies will need to institute stricter security measures around identity and access management.
Not only are companies willing to invest in cybersecurity and fraud prevention, but their executives are also beginning to take the existential risk of security breaches more seriously. 18 percent of CEOs told a 2020 KPMG study that online security threats were the greatest risk of derailing their company’s growth in the next three years. That number was nearly double the 10 percent of CEOs who had the same response six months earlier.
What factors are influencing fraud post-pandemic?
In general, fraudsters react to global changes in the way people behave and craft new techniques to take advantage. Fraudsters will always look to exploit common (and risky) behaviors found online and give themselves the greatest chance of success.
When it comes to frauds in business since the pandemic, there are a few common trends that fraudsters are looking to take advantage of:
- Remote working: Remote employees present a greater risk of fraud to your business. Unsupervised employees can charge for the time they spend not working, they are more able to steal company data, and they have more opportunities to fraudulently claim workplace compensation.
- Ecommerce: Two-thirds of consumers say they shop online more now than they did before the pandemic. There is a range of ways scammers are targeting online shoppers that can ultimately impact online businesses. One important example is payment fraud, where malicious actors make fraudulent purchases using phished or otherwise acquired credit cards.
- Supply scams: Many industries report supply shortages in a post-pandemic world, and fraudsters can exploit the enthusiasm businesses might have at the possibility of getting hard-to-find supplies.
Questions businesses should answer to quantify their fraud risk
1. What does your remote working infrastructure look like?
The rise in remote working presents an opportunity for fraudsters to exploit employees that have much less supervision than in a traditional office setting.
The FBI reported more than 19,000 complaints of email phishing in 2020. One common technique had fraudsters masquerading as senior managers or executives in an attempt to get junior staff to reveal sensitive information. It’s important to have clear steps outlined so that employees working remotely know how to deal with suspicious emails or other fraud attempts.
Having clear expectations for remote employees not only helps them to stay productive, but it’s also a form of pandemic fraud prevention. Working remotely comes with a degree of trust, and perhaps even leniency, but staff should know that if they’re being paid, they should be working.
2. What internal and external risks are applicable for your business?
One way to reduce fraud in business is to manage the risks of the post-pandemic world. Identifying what the risks are, and coming up with ways to minimize those risks is a good place to start.
- Corruption such as fraudulent billing or staff making or accepting bribes
- Misappropriating company assets such as adding fictitious employees to payrolls, tampering with timesheets, or making fraudulent expense claims
- Financial statement fraud, including fabricating figures to create a fake picture of business performance
- Cyber attacks such as phishing or denial of service attacks
- Spyware or malware attacks that install malicious software in a business device or network
- Vendors or partners submitting false invoices
- Account takeover attacks
- Fraudulent purchases from stolen credit card lists
- Automated scraping or content stealing
3. What are the financial risks?
Once you have a list of possible risks, you can identify which of them currently costs your business the most, as well as those that have a chance of becoming an existential threat in the future.
For example, e-commerce businesses often lose revenue from payment fraud. It’s reported that since early 2020, credit card fraud in the US is worth $11 billion. Globally, payment card fraud has also netted $28.65 billion.
For remote-first companies, occupational fraud or major data breaches may be your top priority. Occupational fraud has cost companies $3.6 billion in 2020. Data privacy, ransomware and phishing attacks, tech support, and the fact that employees submit home-based expenses are all new or different financial risks with a remote workforce.
If you can manage financial risks in this way, you can minimize the damage fraud can cause.
How to use anti-fraud technology to avoid risks post-pandemic
1. Choose a trusted payment provider
Having specialist payment software is a way to securely protect money coming in and going out of the business. Payment gateways are easily embedded into your checkout to make for a simple payment process for your customers.
Not only do these vendors protect businesses from payment fraud, but it takes the challenge of managing payment fraud off your hands. It can be extremely difficult to manage these complex risks internally, but having a reliable payment provider effectively outsources this risk.
Well-known payment providers include Braintree, PayPay, Stripe, and Venmo. These industry leaders are trusted by some of the world’s leading e-commerce businesses to protect their payments.
2. Make sure you are using data-driven technology to detect fraud
The objectivity you get from data helps to remove any bias in your fraud management process.
For example, if you suspect someone on your staff is stealing money, you may not look as closely at staff members you know and trust. You may also have underestimated the seriousness of a security risk to your business.
Business data gives you a real-world understanding of exactly what’s going on in your business, and this includes more than just fraud management. Using technology helps to automate this process, raising red flags that help you to minimize the consequences of fraud before it ends up costing your business much more.
3. Ensure that your staff is equipped to tackle fraud
Employees are the front line of any business's fraud prevention strategy. A weak link on your staff can end up being exploited by fraudsters, so it’s important to ensure all staff understands how to treat suspicious activity.
- Make fraud management part of your onboarding process
- Hold regular fraud training sessions with your team
- Have a process for managing invoices
- Ensure inbox managers report unsolicited emails
- Notify team members of fraud attempts so they know what they look like
Fraud prevention is a team responsibility, and staff should understand that they all have a role to play. If they are ever unsure about anything, they should feel empowered to talk to a fellow staff member about it.
4. Use machine learning to detect fraud patterns
Machine learning software adapts to the changing nature of security threats to your business. Anti-virus technology in the past was set in stone, and fraudsters could develop tricks and techniques to overpower it. However, today’s machine learning fraud tools grow and change as fraud trends do.
That means they learn about types of covid fraud as they evolve, updating the protection they give to your business the entire time.
Machine learning is automated, which means it can observe payments in real-time. It can also assess payment factors against set criteria, raising red flags if there’s anything suspicious and reducing the risk of human error.
5. Make sure your fraud software is as accurate as it can be
There are many fraud prevention software choices on the market, depending on your industry and budget. Companies like SEON, Kount, and Signifyd are popular names in fraud prevention, and many companies layer several solutions along with internally built tools to catch fraudsters in action. These software solutions can help to identify patterns of fraud on your web apps and assign fraud risk scores to individual visitors, allowing you to set risk thresholds and take action as needed.
However, your fraud prevention software needs to be accurate, otherwise a lot of fraud will slip through the cracks. Companies can ensure their fraud prevention solution is working well by keeping track of fraud instances over time to see if their efforts are resulting in improvement.
Introducing highly accurate identifiers can also help to improve fraud system performance. Fingerprint Pro (that’s us) is a browser fingerprinting API that provides a 99.5% accurate visitor identifier that can be used as a powerful signal for anti-fraud.
Increasing instances of pandemic fraud have been spurred by changing behaviors online. Because businesses and consumers are increasingly online, there are more opportunities for online fraudsters.
Pandemic-related fraud will not be around forever, but there are a lot of signs that our ultra-online lives are here to stay, making anti-fraud strategies and technologies more important than ever.