The ongoing pandemic has changed the world forever. As a result, how people think and behave is different in many ways, not just about their health.
The world saw a dramatic rise in online shopping, workplaces are increasingly looking at flexible work arrangements, and online fraud is increasing too.
In the world of cybercrime, fraudsters tend to follow global trends. When it comes to COVID-19, that means a rise in pandemic fraud content, whether targeted at aspects of the pandemic or its knock-on effects.
In the UK alone, authorities reported more than £34.5 million was stolen in pandemic-related scams from 2020 - 2021.
Just as fraudsters adapt to new situations, so do fraud detection and prevention methods. This article shows how the landscape has changed since the COVID-19 pandemic and what anti-fraud technology you need to cope with the new normal.
How has online fraud changed due to the pandemic?
The onset of COVID-19 has been called a tremendous boom for online criminals. But, of course, cybercrime was already trending up, so it’s difficult to isolate the exact effects of the pandemic. Still, there are notable examples of the situation that has fueled the fire.
Analysis shows spam messages rose by an astonishing 220 percent between February and March 2020, as the pandemic took hold. The number of malicious URLs nearly tripled in that time too.
The pandemic shift also spawned new scams, preying on consumer misinformation and uncertainty. Reuters reported that from March to August, covid fraud cost consumers $100 million across the United States due to stimulus relief when much of the economy shut down. While complete data in 2021 is challenging, cybercrime complaints have risen yearly from 2016 - 2020.
The threat of online fraud is more significant than it has ever been, both for consumers and online services. Whether it is related explicitly to COVID-19 fraud or any other type of online scam, it’s a virtual certainty that fraudsters will target your website this year.
Are businesses more aware of fraud risk post-pandemic?
Online fraud has increased since the pandemic, and the nature of fraud attempts has changed. Of course, many of these trends were coming into focus before the pandemic. Still, online fraud accelerated as more individuals worked, shopped, and socialized online.
As described by Interpol, one recent change is how scammers are moving away from targeting individuals and increasingly going after organizations - huge businesses and government organizations. Fraud awareness at major online companies is high as a result. In addition, almost 70 percent of major organizations told a Learn Bonds study that they plan to increase their spending on cybersecurity since the covid outbreak. This can be explained by the increase in threats overall and the changing nature of workplaces following lockdowns. As many white-collar workers are now working from home indefinitely, companies will need to institute stricter security measures around identity and access management.
Companies are willing to invest in cybersecurity and fraud prevention. Their executives are also beginning to take the existential risk of security breaches more seriously. Eighteen percent of CEOs told a 2020 KPMG study that online security threats were the most significant risk of derailing their company’s growth in the next three years. That number was nearly double the 10 percent of CEOs who had the same response six months earlier.
What factors are influencing fraud post-pandemic?
In general, fraudsters react to global changes in how people behave and craft new techniques to take advantage. Fraudsters will always look to exploit common (and risky) behaviors found online and give themselves the greatest chance of success.
When it comes to frauds in business since the pandemic, there are a few common trends that fraudsters are looking to take advantage of:
- Remote working: Remote employees present a greater risk of fraud to your business. Incidents include company data breaches, fraudulent workplace compensation, and charging for the time they did not spend working.
- eCommerce: Two-thirds of consumers say they shop online more now than before the pandemic. There is a range of ways scammers are targeting online shoppers that can ultimately impact online businesses. One crucial example is payment fraud, where malicious actors make fraudulent purchases using phished or otherwise acquired credit cards.
- Supply scams: With many industries reporting supply shortages in the years after the pandemic, fraudsters exploit the excitement around the availability of hard-to-find items.
Questions businesses should answer to quantify their fraud risk
1. What makes up your remote working infrastructure?
The rise in remote working presents an opportunity for fraudsters to exploit employees with much less supervision than in a traditional office setting.
The FBI reported more than 19,000 complaints of email phishing in 2020. One common technique had fraudsters masquerading as senior managers or executives to get junior staff to reveal sensitive information. Therefore, it’s essential to have clear steps outlined so that employees remotely working know how to deal with suspicious emails or other fraud attempts.
Clear expectations for remote employees help them stay productive and is also a form of pandemic fraud prevention. But, of course, remote work comes with the trust and perhaps even leniency. Still, employees should know they should be working is expected to be available.
2. What internal and external risks are applicable for your business?
One way to reduce fraud in business is to manage the risks of the post-pandemic world. Identifying what the chances are and coming up with ways to minimize those risks is an excellent place to start.
- Corruption such as fraudulent billing or staff making or accepting bribes
- Misappropriating company assets such as adding fictitious employees to payrolls, tampering with timesheets, or making fraudulent expense claims
- Financial statement fraud, including fabricating figures to create a fake picture of business performance
- Cyber attacks such as phishing or denial of service attacks
- Spyware or malware attacks that install malicious software on a business device or network
- Vendors or partners submitting false invoices
- Account takeover attacks
- Fraudulent purchases from stolen credit card lists
- Automated scraping or content stealing
3. What are the financial risks?
Once you have a list of possible risks, you can identify which are the most costly and which have a chance of becoming an existential threat in the future.
For example, e-commerce businesses often lose revenue from payment fraud. It’s reported that since early 2020, credit card fraud in the US has been worth $11 billion. Globally, payment card fraud has also netted $28.65 billion.
Occupational fraud or significant data breaches may be your top priority for remote-first companies. Occupational fraud cost companies $3.6 billion in 2020. However, with a remote workforce, new or different financial risks emerge. Those risks include data privacy, ransomware, phishing attacks, tech support, and home-based expenses.
If you manage financial risks this way, you can minimize the damage fraud can cause.
How to use anti-fraud technology to avoid risks post-pandemic
1. Choose a trusted payment provider
Having specialist payment software is a way to protect money coming in and out of your business securely. Payment gateways are easily embedded into your checkout to make for a simple payment process for your customers.
Not only do these vendors protect businesses from payment fraud, but it takes the challenge of managing payment fraud off your hands. Managing these complex risks can be challenging, but having a reliable payment provider outsources this risk.
Trusted by some of the world’s leading e-commerce businesses to protect their payments, Braintree, PayPal, Stripe, and Venmo are a few well-known payment providers.
2. Make sure you are using data-driven technology to detect fraud
The objectivity you get from data helps to remove any bias in your fraud management process.
For example, if you suspect someone on your staff is stealing money, you may not look as closely at staff members you know and trust. You may also have underestimated the seriousness of a security risk to your business.
Business data gives you a real-world understanding of precisely what’s going on in your business, including more than just fraud management. Technology helps automate this process, raising red flags that allow you to minimize the consequences of fraud before it costs your business much more.
3. Equip your employees with the resources and skills to tackle fraud
Employees are the front line of any business’s fraud prevention strategy. However, a weak link on your staff can end up being exploited by fraudsters, so it’s vital to ensure all team members understand how to treat suspicious activity.
- Make fraud management part of your onboarding process
- Hold regular fraud training sessions with your team
- Have a process for managing invoices
- Ensure inbox managers report unsolicited emails
- Notify team members of fraud attempts, so they know what they look like
Fraud prevention is a team responsibility, and staff should understand that they all have a role to play. If unsure about anything, employees should feel empowered to talk to a fellow staff member about it.
4. Use machine learning to detect fraud patterns
Machine learning software adapts to your business’s changing nature of security threats. For example, previously, anti-virus technology was static, and fraudsters could develop tricks and techniques to overpower it. However, today’s machine learning fraud tools grow and change as fraud trends do.
That means they learn about types of pandemic fraud as they evolve, updating the protection they give to your business the entire time.\
Machine learning is automated, meaning it can observe real-time payments. It can also assess payment factors against set criteria, raising red flags if there’s anything suspicious and reducing the risk of human error.
5. Make sure your fraud software is as accurate as it can be
There are many fraud prevention software choices on the market, depending on your industry and budget. Companies like SEON, Kount, and Signifyd are well-known names in fraud prevention. In addition, many companies layer several solutions along with internally built tools to catch fraudsters in action. These tools help identify fraud patterns and assign fraud risk scores to individual visitors, allowing you to set risk thresholds and take action as needed.
However, your fraud prevention software needs to be accurate. Otherwise, a lot of fraud will slip through the cracks. Companies can ensure their fraud prevention solution works well by keeping track of fraud instances over time to see if their efforts are improving.
Introducing highly accurate identifiers can also help to improve fraud system performance. For example, Fingerprint Pro is a browser fingerprinting API that provides a 99.5% accurate visitor identifier that can be a powerful signal for anti-fraud.
Increasing instances of pandemic fraud have been spurred by changing behaviors online. Because businesses and consumers are increasingly online, online fraudsters have more opportunities.
Pandemic-related fraud will eventually subside, but the idea of “always online” will not any time soon, making anti-fraud strategies and technologies even more critical.