covid-phishing

Is there light at the end of the corona-scam tunnel for financial services?

The globe has been halted in its tracks for the past few months due to this ongoing pandemic. It has caused just as much disruption for businesses worldwide as past economic downturns, and still there are those that profit from catastrophe. Criminals have been preying on widespread vulnerability, and the financial services industry has become just one source of catnip for their personal gain.

Perhaps the most documented corona-scam is the fraudulent selling of fake ‘essential’ materials such as masks and hand sanitiser, or even home-testing kits, to homebound isolators. In the UK, the start of April saw a recorded £1.6 million worth of exploited cash from those scaremongered into payment, with around 50 reports of criminal activity a day being identified by the National Fraud Identification Bureau (NFIB). Unfortunately, this is simply the tip of the iceberg. 

The bigger, scarier picture

Europol has recorded the recovery of 4.4 million units of illegal pharmaceuticals worldwide. Cuba’s black market, for instance, has seen a surge; around 4,500 surgical masks were snatched from state-owned warehouses, and an additional 3,000 found in a Villa Clara home alongside other medical equipment from one operation. Some of those arrested were connected to the public health ministry, identifying supply chain inadequacies. The FBI has also seen a spike in the use of ‘money mules’ by organised crime rackets –  those targeted through dating sites, apps, and job sites to unwittingly move illegitimate cash physically or by transferring funds. 

Even those feeling sheltered from events such as these are exposed to criminal activity online in other ways. A place that is saving remote working and hangouts by video call, absolutely, but a haven for crime of all kinds. Alongside opportunistic fraudsters, Europol’s report identified a sharp increase in dark web vendors and those seeking abuse material through increased isolation. The closure of establishments offering legal sex work could increase trafficking and other forms of human exploitation. At Brno University Hospital, Czechia, in March, a cyber attack forced the hospital’s IT network to shut down, threatening the lives of all patients. Heinous crime simply does not sleep.

While monetary scams are nothing unusual, Covid-19 has spurred new reincarnations. Google has worked hard to quash 99.9% of spam emails sent to Gmail accounts daily (an average of 18 million corona-themed phishing efforts), but this still leaves 258,000 that slip through the net for susceptible remote workers. Other tools utilised by a larger homebound workforce are also shark-infested waters; Zoom has seen its fair share of security criticism the past few weeks. 

Help is at hand

In the private sector, for financial institutions that look after personal finances, fin-criminals have run amok with investment scams and there’s of course the higher risk of money laundering and illicit trading to consider. So how can we see any positives from this?

Firstly, collaborations between banks and investigative bodies have been built since the start of the outbreak. Interpol’s Financial Crimes Unit has been instrumental in tracking its member countries’ vast fraudulent payment cases. Victims are primarily based in Asia, with fraudsters opening bank accounts in Europe – a truly global operation that requires timely monitoring from financial institutions. 

Thankfully, in the United States, a warning was released by the Financial Crimes Enforcement Network (FinCEN)  for cooperative businesses to be vigilant and flag malicious and fraudulent behaviour. Reports can then be assessed by FinCEN to identify scams and illicit trading connected with the current disaster. FinCEN has also offered any assistance to financial institutions’ regulatory efforts, including delays in filing appropriate Bank Secrecy Act (BSA) reports.

Further, an excellent rundown of how the global financial community from Canada to the Caribbean to Australia is dealing with the Covid-crisis can be found at MoneyLaundering.com

It’s not all doom and gloom

In a time where mitigating risk from money laundering remains essential, the Financial Action Task Force (FATF) has advised financial institutions to not fear technology in remote times, but instead rely on digital means as a way to mitigate harm. In Kenya for example, President Uhuru Kenyatta has encouraged cashless transactions, and for banks and mobile operators alike to reduce transaction fees to facilitate increased use of this. 

Despite the lack of face-to-face interaction we have, FATF urges that KYC and AML investigations are still to be carried out through all means necessary, and that legitimate non-profit-organisation activity is both not discouraged or misused. The UK regulator – the Financial Conduct Authority (FCA) – has gone the extra mile by encouraging banks to conduct remote KYC checks using scanned documents, videos or selfies from those with smartphones in the face of new onboarding challenges. Banking security protocols have been enhanced in recent years (widespread multi-factor authentication, as one example); the financial world will surely only refine these solutions now to improve all processes around digital onboarding and the transparency of financial transactions.

Much like the combined public optimism that we will beat this virus, financial services should have hope that collaboration between regulatory bodies, investigative processes and technology are helping to lessen the effects of enhanced financial crime caused by disaster. Remoteness has its downsides, but as we gear up to emerge from the other side of Covid-19, KYC and AML processes have the chance to be better than ever before. This time should not benefit the criminals, but instead narrow their advantage for the future. 

Digital Marketing Executive at Arachnys