The COVID-19 pandemic has forever changed the way that we live our lives. Social distancing, mask wearing, and hand sanitising have all become common activities these days. However, a more sinister by-product of the pandemic is the overall increase in the level of fraud as people spend more and more time online. Fraudsters have been able to exploit the loss of jobs, financial vulnerability and shortage of supplies experienced by most businesses.
According to PWC, 35% of Australian entities have experienced fraud in the previous 24 months from 2020, a figure that is expected to rise over the next two years.
While the pandemic has triggered this growth in the rate of fraud, the overall response to the fraud has been limited. With physical restrictions placed on staff, difficulties in conducting remote interviews, and a lack of access to evidence, investigation efforts have hit many roadblocks in the current environment.
This blog will explore the latest trends in fraud and how your business can effectively investigate and prevent these frauds from occurring.
Consumers are now doing more of their shopping online rather than in person as a result of the lengthy lockdowns. This has led to a boom in the e-commerce industry, with total online sales in Australia increasing 67.1% from March to October 2020.
Fraudsters hope to slip by unnoticed within this flood of consumers, using stolen or fraudulent information and digital wallets to make bogus transactions that businesses will be left paying for. In 2020, 68% of anti-fraud professionals noticed an increase in payment fraud.
Not only does this inundation of online transactions create the perfect veil for payment fraudsters, it also introduces inexperienced consumers and businesses to the market. These newer parties are less aware of and thus more susceptible to these types of frauds.
To protect against payment fraud, businesses should:
- Pay close attention to the size of the transactions, since the average fraudulent transaction is three times greater than normal transactions.
- Use a fraud protection platform like Address Verification Services to confirm that the cardholder’s billing address matches the respective card issuer.
- Be wary of orders using payment types other than credit cards and contact the buyer for information if something looks suspicious.
In response to the decline in economic activity, governments around the world have issued grants aimed at supporting small businesses. In NSW, sole businesses, sole traders and not-for-profit companies whose revenue fell by 30% or more during the lockdown qualified for a $1,500 fortnightly payment.
However, due to the large number of applicants and minimal due diligence involved with these applicants, fraudsters are able to exploit this system and receive payments they are not entitled to. One method they use to do so involves stealing the identity of a legitimate business. These businesses are often operating with reduced or overworked staff, with limited resources to keep these fraudsters at bay and are thus easy targets.
Another scheme fraudsters will engage in is using publicly available information about these businesses and posing as a lender. Fraudsters will request further information about a business’s claim application, scamming them out of sensitive information. You may get emails, SMS texts, instant messages and social media posts:
- With links claiming to have important updates about the latest COVID-19 safety measures, or claiming to have information on the location of possible cases in your area.
- Pretending that you or your employees have been in a COVID affected area and asking for personal information.
- Offering to help you access a government “benefit” or “subsidy”
- Claiming to assess you or your employees’ eligibility for the vaccine, or placing you on a fake waitlist.
To avoid being scammed by these fraudsters, consider undertaking the following actions:
- Only search for financial assistance via the official government website available here.
- Do not click any links or open any attachments if you are unsure of an email, call or SMS, and contact the organisation using contact details that you have found yourself (e.g., through a Google search)
- Ignore emails that claim to be about online government or business services which include links to sign in pages, or ask for your personal information, account details, PIN or passwords.
More businesses are now encouraging their employees to work from home, even when there are no lockdowns in place. Studies have shown that 67% of workers are either partially or wholly working from home, compared to 42% pre-COVID. The pivot towards online work has also brought with it relaxed information security protocols and workers who are unfamiliar with new technologies, which leaves businesses more vulnerable to attacks from fraudsters.
Phishing and malicious software are the most common instances of cyber fraud. Phishing involves sending fraudulent communications that appear to come from a reputable source, with the goal to steal sensitive information like credit card and login details. Fraudsters will also encrypt the victims’ data and will offer the victim a passcode to retrieve it in return for cryptocurrency payments.
There are many ways that you can protect yourself against cyber fraud, which include:
- Training employees to spot and avoid cyber attacks, reminding them that only “one wrong click” can give fraudsters access
- Ensure strong passwords are being used
- Check that any software you use is up-to-date with the latest versions of fixes
- Turn on multi-factor authentication as an additional level of security
- Identify key personnel who are critical to the effective running of your business, and have a plan of action when they are not available.
- Formulate an incident response so that your response to an event is swift
Another common example of fraud in this pandemic-era involves scammers impersonating a charity that is collecting money for people affected by COVID-19. They will either pretend to be a well-known charity or create one with a name similar to a real charity, and even set up a fake website to lure unsuspecting victims in.
Falling for this scam can be avoided with the following actions:
- Check the supposed charity’s credentials by using this website, since all genuine charities must be registered.
- Be wary of communications that use highly emotive language or stress urgency. Fraudsters will use high-pressure tactics to manipulate people into performing actions.
- Ignore emails that ask you to send funds to a foreign bank, as these are highly unlikely to be legitimate.
Business Email Compromise
A fraudster may pose as a supplier or employee to request payment or change their bank details. They will do so by compromising an existing employee email or using your company’s logo and brand. For example, the fraudster will pretend to be a supplier and ask that you send your usual payments to a different account and use COVID-19 as an excuse.
To avoid this situation, make sure each employee has a secure password, and know your supplier’s contact details so that any other communications can easily be flagged as suspicious.
This type of fraud involves fraudsters using fake websites and social media to sell you COVID-related products you will never receive, like hand sanitiser, gloves, or surgical masks. They may also ask you to pay for the vaccine or get early access for you or your employees.
Again, training your employees to look out for and avoid these scams is vital. You should also be aware that COVID-19 vaccines are voluntary, free, and available to all people in Australia.
Protecting Your Customers
Your customers are also vulnerable to the attacks of fraudsters who will pose as your business and steal revenue from you. To reduce the risk of this occurring, you can:
- Advise your customers that you will never contact them to ask for their customer login or payment details.
- Monitor who is mentioning your business name online through services like Google Alerts.
- Create strong passwords for your business accounts and update passwords with staffing changes.
Due to the major disruptions caused by the pandemic, businesses must be on high alert to the new frauds that scammers have devised in this new environment. Not only will these frauds have a large impact on your business’ revenue, it will also hurt your reputation, customer trust and employee morale. Overall, businesses need to be more wary of the communications they receive from unknown sources, and implement strategies that will improve the overall security of the business.
Book a Demo Now
Learn more about how Polonious can help you investigate and respond to fraud.