The COVID-19 pandemic has brought tragedy and heartbreak, along with havoc to society, individuals, and organizations. The convergence of the shutdowns, remote work, anxiety, hopelessness, stimulus measures, vaccine development, and other reactions created the hothouse environment for fraud.
COVID demonstrated how at its core, cybercrime remains largely the same, but criminals change the narrative, thriving in the uncertainty surrounding a crisis. Criminals exploit disruption to commit crimes, whether it is offline scams like pickpocketing, looting, or shoplifting, or online crime like digital fraud. The bigger the disruption, the greater the opportunity.
The turmoil caused by COVID went deeper, cascading through the economy and society, creating the trigger for the explosion of fraud in the digital world. And COVID fraud may be here to stay.
Top 6 Sinister COVID-driven Fraud Schemes
The virus hastened enhancements and increased the utilization of fraud schemes. While all manner of frauds increased in usage, some schemes were more widespread and menacing. Your organization needs to prepare its defenses for more of the following attacks in the coming year:
-
Ransomware
- Estimates of 2020 ransomware attacks show a doubling over 2019 levels. Keep in mind that this huge jump is likely an understatement because of the reluctance of many organizations to report an attack.
- This form of exploitation goes beyond the purely opportunistic, requiring studying and targeting of organizations where the criminals can maximize leverage and damage.
- Some examples:
- Criminals have even been attacking hospitals with ransomware when they are at their most vulnerable.
- Hackers are using “double extortion” to both encrypt an organization’s data and also threaten to publicly release or sell on the dark web.
- Recently Garmin reportedly paid millions to cybercriminals to recover data held hostage from a ransomware attack.
-
Service Provider Attacks
- Crooks have started to attack service providers with malware that proliferates across their customers’ networks. With increased global interconnectedness and the prevalence of digital supply chains, there is a massive attack surface. Recently, serious attacks on managed service and cloud providers have taken place, and the expectation is for this trend to continue due to the efficiency and scope of these events.
-
Phishing Attacks
- Like much of the fraud schemes perpetrated in 2020, phishing attacks are growing not only more widespread, but more sophisticated in design. The criminals are utilizing emails and fake websites that are nearly identical to the real thing. Phishing attacks are also taking on qualities that are becoming prevalent across many plans. They are targeting specific large groups utilizing some understanding of the victim’s internal processes and system vulnerabilities.
-
Supply Chain Fraud
- Anxiety over actual or potential supply chain disruptions allowed fraudsters to manipulate to their advantage. Because of buyers’ desperation to procure difficult-to-find goods, especially masks and other PPE items, supply chain fraud increased throughout the year.
-
Friendly / First-party Fraud
- COVID has increased the number of friendly fraud incidents, as economic stresses have people turning to this relatively low-tech fraud scheme to steal from companies. Friendly fraud is typically perpetrated repeatedly at a lower average value versus the less numerous but more valuable items targeted in third party fraud.
-
Invoice Fraud
- With some estimates as high as 70% of U.S. employees working from home, invoice fraud has become more prevalent during the pandemic. Accounts payable and procurement groups had to quickly adjust their processes and controls, exposing their companies to more fraud. Criminals have been doing their homework during the pandemic, becoming more informed on supply chain stakeholders, business relationships, and processes to carry out these scams.
What COVID fraud trends will be with us in 2021 and the coming years? What stays the same? Read more in our eBook “Fraud During the COVID-19 Pandemic: A Year in Review”.
Collective Intelligence for Richer Insights
Fraud.net’s advanced infrastructure for fraud management allows your organization to unify fraud data from any source with a single connection. We offer the industry-leading collective intelligence network, and world-class artificial intelligence to help optimize your fraud management. Our cloud-based ‘glass-box’ system delivers a transparent and comprehensive presentation of enterprise risk making your business safer, smarter, and more profitable.
Learn more about how Fraud.net’s powerful technology can deliver game-changing results for your organization.