Written by: Bharat Panchal
The COVID-19 pandemic has created a VUCA world, where every individual and organisation has been adversely impacted in one way or another. With a global lockdown to contain the spread of the disease, businesses have shifted to remote working. This is undoubtedly a threat to most companies as their network perimeters have expanded radically. Firms are not just at risk of facing outages, but also at serious cyber threats. The situation has created fertile ground for scams and frauds. So, what kind of nefarious scams should we expect in the coming weeks and months?
Increase in phishing attacks:
The COVID-19 crisis has seen a spike in phishing attacks that have resulted in many people losing their hard-earned money. Scammers have taken advantage of the ongoing chaos and confusion to launch phishing emails, websites, and other forms of attacks. As more and more people, NGOs, and religious groups are engaged in providing relief to the needy affected by the pandemic, it has become easier for these fraudsters to impersonate them and solicit donations. With the rise in job losses, there is also a possibility of a spurt in job hunting scams through dubious agencies and websites, fraudsters can run scams that offer jobs and may look legitimate but are mostly fake.
KYC/Fake documents for Rs 20 lakh crore benefits: The Government of India has announced many beneficial schemes to help small businesses such as interest/EMI waive-off for MSME, microloan for unorganised vendors, a moratorium of EMI for various loans up to 6-months. But in most cases, common people might find it challenging to avail these schemes owing to the amount of paperwork and the general complexities involved in dealing with banks. There is a high possibility of many bogus agents approaching small business owners with fake offers of support in exchange for money, fraudsters may use fake KYC documents to avail such benefits or could run a racket of fund diversion.
Insider Frauds: As COVID-19 has disrupted the global economy, many people have either lost their jobs or have had to accept a pay cut. The financial stress from this economic crisis is what motivates many employees to make their company itself as a target and misappropriate its assets. Data from ACFE’s 2019 survey indicates that 42 percent of occupational fraudsters live beyond their means when they commit fraud. Companies need to be extra cautious to safeguard their interests against insider frauds, especially because organisations tend to place a certain amount of trust in their employees, making it difficult to detect these nefarious activities.
Massive increase in sextortion related crimes: During the lockdown period, almost everyone is trying to engage in some or other activity. Many webinars, online shows, online classes, etc. are high on demand. But largely for teenagers, Instagram stories and Snapchat are more than anything. Similarly, Tiktok videos have brought out the talent of millions of people. However, in the want of publicity, some inappropriate videos and photos are made by many people. What if someone break into your phone or computer and gain access to private material?
In the wake of COVID-19, there has also been a spike in sextortion crimes. It is a widely used form of spam attack where cybercriminals extort money by claiming to have a person’s compromising pictures or evidence of their sexual activity. They can hack into someone’s mobile phone or other electronic devices and steal those videos/ photos or even morph a regular photo to make it look obscene. The attacker threatens to share such evidence with the person’s friends and family and employer unless they pay ransom money, attackers prey on the victim’s fear and embarrassment and blackmail him/her into paying up.
Fake medicines/Anti-Corona drugs: In this pandemic situation, and until the time an effective medicine or vaccine is discovered, there will be many advertisements, websites, and other forms of communication on medications, which may claim to cure COVID-19 completely. Further, platforms promoting counterfeit medicines to boost immunity level will also appear in the online market. Those fake websites ultimately lure people with the prospect of COVID-19 cure and compel them to pay online in advance. Either, there will be no delivery or bogus things/ toxic products that will be delivered in place of legitimate medicines.
Increase ransomware attacks: During the COVID-19 lockdown, as more organisations shift to remote working, regular system maintenance like upgrades, applying patches, fixing known vulnerabilities, etc. have indeed suffered a lot. The reduction of IT spending has impacted security spending as well. The systems also have weaker security measures when working from home. With all these opportunities, there’s a very high likelihood of cyber criminals trying to gain unauthorised access to such systems through unpatched vulnerabilities. Ransomware is the most effective tool they may use to encrypt your data, and upon receiving hefty ransom money in the form of bitcoins, they may release decryption keys for you to release the data.
As the world struggles to understand how to respond to this black swan event, the time is ripe for scammers to take advantage of people’s fears and anxiety and run scams, thus adding to their nightmarish ordeal. It is recommended that individuals and organisations look towards the future to protect themselves, their employees, their customers, etc. against all possible frauds.
—Bharat Panchal is Chief Risk Officer - India, Middle-East & Africa, FIS. The views expressed are personal