Crisis is the peak season for fraudsters
The global COVID-19 crisis is threatening both the economic situation of companies and human health. However, during a crisis, a very large number of fraudsters and hackers become active, trying to take advantage of a vulnerable situation, so it is worth being aware of the most common scams. In times of crisis, people and companies must not lose vigilance, because inevitably, people with malicious intent try to appeal to people’s emotions — kindness, fear, or even despair.
According to Victoria Saue, COO of Entify, a company that provides verification and background research, there are very different scams around during any crisis, of which more common are identity theft and various financial and various cyber frauds, such as:
1. Data theft. When thinking about their health or economic worries, people may more easily start seeking help in places where there might be even a little hope. Thus, give their information to “help providers” without knowing anything about the person’s intentions and background. As a result, the “help provider” may use the collected personal data (including health data) for malicious purposes. The submission of one’s (personal) data on the Internet must always be carefully considered, and it must be ensured that the use of the data is purposeful and that the data controller is reliable.
2. Disguising as a charity organization. Donating to a charity organization is undoubtedly a noble activity, but good donors often fail to thoroughly investigate the organization’s background and seek references through official (national) channels. During crisis, fraudsters try to disguise themselves as charity organizations, thereby embezzling the resources — things and money — of well-meaning people.
3. Creating fake websites. According to a recent study by Check Point Research, coronavirus websites are 50% more likely to have been designed for malicious purposes. They are used to sell goods that do not exist or to collect, for example, valuable data about people that have been on the page. It is also often the case that people are redirected to fake payment environments in order by fraudulent means to access people’s bank account and credit card details (such as access details and credit card security codes).
4. Distribution of malware as crisis information. During a crisis, countries send out official instructions on how to behave or what to do, but scammers do not miss this opportunity. This is how, for example, last month, a letter “Notification of the spread of COVID-19 virus approved by the Ministry of Health” containing malware appeared in the mailboxes of thousands of Estonians residents. For quite a few, but unfortunately for not all of them, did “euroapteek@protonmail.com” on the send line raise any doubts.
5. Advertising and sale of goods of insufficient supply. The current devastating crisis is creating a high demand for certain specific goods, such as personal protective equipment. Both public and private organizations are ready to enter the transaction quickly to buy goods without thinking and without checking the supplier’s background. Often people make a 50%-100% advance payment before the goods are delivered and then stay waiting for the goods. There are situations where scammers take advantage of a critical situation and advertise themselves as the last ray of hope without actually having the desired product. Investigating the background of partners helps to prevent fraud — make sure that the company actually exists and check the company’s history and related parties.
6. Identity theft. Identity theft is a widespread problem that increases during an economic crisis. Fraudsters try to get rich by stealing identities — by using another person’s data and identity documents to take out a quick loan, for example. To prevent identity theft schemes from succeeding, companies that issue loans must implement efficient verification processes to prevent fraud schemes from succeeding.
A thorough background check is needed to prevent fraud. One way is to collect data through Google or, for companies, compare annual reports, and interact one by one with contact persons related to the company. On the other hand, such processes can now be done automatically, and Entify, for example, has recently come up with a self-service solution that greatly simplifies verification for both natural and legal persons.
“Many companies are losing focus because of the crisis and are not paying attention in many warning signs, in hopes to survive the crisis. The expected benefits, sometimes even the future of the company, outweigh risk management, and companies take the path of turning a blind eye even when signs of danger appear. In this regard, common sense should be maintained, and reliable and well-thought-out background checks should be continued or introduced. Unfortunately, some people try to use crises in their benefit,” Saue called for caution.
