Cyber crime incidents could witness a sharp rise of 40% to 80% in the coming months and years, as consumers and businesses increasingly transact online during the coronavirus (COVID-19) pandemic period.
According to the latest research report from global information and insights company TransUnion, the percentage of suspected fraudulent digital transactions rose 5% over the period 11 March to 28 April, when compared to 1 January to 10 March.
In its COVID-19 Digital and Fraud Playbook, TransUnion identified more than 100 million suspected fraudulent transactions from 11 March to 28 April. The company used 11 March − the date the World Health Organisation (WHO) declared the coronavirus a global pandemic − as a base date for its analysis.
The playbook is an insights-driven methodology designed to help South African businesses navigate an increasingly online world, and includes three different scenarios covering how cyber fraud could increase in the coming months: best-case, in which digital fraud increases by at least 40%; mid-case, in which fraud increases by between 40%-80%; and worst-case, in which fraud increases by 80% or more.
Speaking at the webinar launch of the report last week, TransUnion Africa chief product officer Tim Collins said, while the need for digital channels had increased exponentially, fraud has also evolved and become more sophisticated.
“Recent experience suggests we will see fraud rise sharply in the coming months and years. We saw a 40% increase in cyber-criminal activity during the two years following the Great Recession’s 2009 peak, for example,” said Collins.
While SA took swift action to flatten the curve, the impact of COVID-19 is expected to continue for a significant period of time, resulting in macro-economic and new business activity influencing the online fraud rate of both COVID-19-related and non-related crimes, notes the report.
COVID-19-related crimes include cyber criminals using a variety of methods, such as impersonating credible or reputable institutions such as the WHO or the US Centres for Disease Control and Prevention to lure their victims, by asking for donations.
Other methods include spoofed e-mails and SMSes selling products such as masks, gloves or fake offerings of vaccines, leading to phishing Web sites. Hackers are also taking advantage of the rise in remote working technologies such as Zoom, by registering fake and malicious domains.
TransUnion recently analysed industries for a change in the percentage of suspected digital fraud perpetrated against them, comparing the periods of 1 January to 10 March, and 11 March to 28 April. The research found that globally, the telecommunications (76% increase), e-commerce (12%) and financial services (11%) industries were increasingly targeted.
Globally across industries, TransUnion found the countries with the highest percent of suspected fraudulent transactions were Yemen, Syria and Kazakhstan.
“Our data shows that as social distancing changes shopping patterns, fraudsters have taken notice and targeted the more digital-forward industries while following the money,” adds Collins.
The report is based on analysis of TransUnion’s device verification database, which contains over six billion devices.
South Africans have already been impacted by COVID-19-related fraud. According to TransUnion’s earlier COVID-19 survey of 4 065 South Africans, one in four surveyed confirmed they had experienced a COVID-19-related fraud scam and one in five of those said they fell victim to it.
In addition, the Fraud Playbook report reveals many companies are battling to balance the need to protect themselves and their customers from cyber fraud, with providing a seamless customer experience.
While consumers have heightened expectations of the user experience on digital channels, current fraud detection and prevention methods often impact that experience, it notes.
“South African businesses need a multi-layered approach to manage ever-evolving fraud threats – there is no single silver bullet,” comments Keith Wardell, TransUnion Africa product director.
‘It’s about making sure consumers and organisations can transact with confidence. This approach includes robust identity verification, including biometric and device authentication as well as other tools for assessing fraud risk and meeting regulatory obligations.”
The South African Banking Risk Information Centre and several cyber security firms have for the past few months been warning bank consumers and organisations of cyber criminals exploiting the COVID-19 outbreak to spread an array of online scams.
Last month, a report by intelligence firm Recorded Future warned of hackers posing as WHO officials. The hackers reportedly create fake Web sites and e-mail addresses, using logos of the WHO and the health ministries of national governments.
Share