Earlier this month, McAfee Labs, the threat research division of McAfee, the global computer security company, released a report titled “Covid-19: Malware Makes Hay During a Pandemic", which analyzed the pandemic-themed cyberthreats that have been emerging over the past few months. The report stated that these threats typically leverage a phishing email delivery method, with coronavirus themes and messages, which are aimed at luring people into engaging and allowing these threats to access their systems. And now a report by ACI Worldwide has revealed that consumer concerns are also on the rise and a large portion are becoming more cautious. But is it enough to protect them from the onslaught of covid-related frauds?
Larger user base
Most of us have been spending more time online than ever before. With many working from home and being locked in, internet usage and the number of users is on the rise. The survey by ACI found that 75% of participants use digital payments at least once a week and 44% use them nearly every day.
It also found that 47% of that number are more concerned about incidents of fraud now than they were before the pandemic. It also found that 31% of the responders had been targeted by a card or digital payments fraud themselves or knew someone who has been, in the recent past.
According to Venkat Krishnapur, vice-president of Engineering and Managing Director, McAfee India, this shift is inevitable in the face of a pandemic, which leaves people vulnerable to fraud. “As purchase volumes move into online sales channels as a result of store closures, fraudsters are using this as an opportunity to diversify their efforts by exploiting less-protected touchpoints. From fake UPI-based payment links or seemingly legitimate bank websites, phishing and other social engineering tactics, cybercriminals are riding on lack of user awareness and uncertainties plaguing the society," he said.
The covid trap
Not only has covid-19 caused the number of frauds to go up, it has also become a bait for a lot of scams. The McAfee report showed that thousands of covid-19-themed spam emails and websites had been discovered, which were scamming victims seeking to purchase medical supplies such as testing kits, face masks and other protective gear. “Over the first 13 weeks of the pandemic, McAfee saw the number of bogus websites increase from 1,600 a few weeks before to over 39,000," Steve Grobman, senior vice president and chief technology officer, McAfee, said in the report. One of the culprits was a trojan aimed at stealing banking credentials by collecting system activities of the victims, recording keystrokes and tracking network traffic and browser activity. It was found to be using coronavirus-related file names to entice unsuspecting individuals.
This trend is reflected in customer concerns. Of the respondents to the ACI survey, 52% said they felt fake apps and websites are the biggest threat they faced, while 39% were worried about spyware and malware infecting their device. There is also concern about payment credentials being compromised (43%).
Becoming more aware
According to the ACI report, customers are not only becoming better informed, they are also growing more cautious. Of the respondents, 28% said they are now more careful while making digital payments. In case they do fall victim to a fraud, 60% said they would report it to their banks. But only 12% said they would report it to the police. The survey also found that 75% recognise one-time password (OTP) as a key anti-fraud mechanism, while 55% appreciated the importance of two-factor authentication.
“It is encouraging that consumers are showing heightened awareness of digital payments fraud and a willingness to adapt behaviours. It appears that anti-fraud and security measures implemented by banks are also widely acknowledged and understood, and that banks are still seen as the trusted source of support against fraud," Kaushik Roy, vice president and country leader, South Asia, ACI Worldwide said in a statement.
At the other end of the equation, banks are also stepping up their game to keep fraudsters and scammers at bay. "Banks have been enhancing their fraud management frameworks in response to both rising fraud concerns and regulatory directives. As a growing number of consumers opt for digital payment methods as their preferred choice of transactions, consumer awareness will be crucial as it is the first line of defense against fraudsters," said Roy. He added that banks will need to adopt a multi-layered fraud strategy that combines deep customer insights with advanced technologies such as artificial learning and behavioral biometrics, while driving extensive consumer awareness campaigns across different communication channels.
Consumer awareness is on the rise, and banks are doing more to prevent fraud, but it might not be enough to stay one step ahead of fraudsters, who are quick to adapt the modus operandi according to technological changes and circumstances.
The smart thing to do is to protect yourself as best you can. Start by downloading online payments and banking apps directly from official websites. Steer clear of suspicious emails and links, and be sure to use multi-factor authentication when making online transactions, so that your credentials have an added layer of security against malware and phishing.