As businesses and consumers continue to quickly adapt to the arrival of COVID-19 unfortunately, so are fraudsters. The Department of Justice (DOJ), World Health Organization (WHO), and FBI have all issued warnings about the rise in COVID-19-related fraud schemes that are exploiting unsuspecting victims across the country. And as more payments shift to digital and mobile channels in the wake of state-level shutdowns, the potential for not only fraud but also transaction disputes will place an increased burden on your credit union and members.
“As more members fall victim to targeted fraud schemes, we may see a rise in the number of card disputes and fraud claims, potentially amplifying fraud losses for credit unions,” said Ashley Town, CO-OP Director of Fraud Services. The good news is, so far in March, CO-OP has seen a decrease in the number of traditional fraud cases happening within the CO-OP ecosystem and we hope that trend continues.
To help credit unions and their members stay extra vigilant during this period of time, CO-OP’s resident fraud experts Ashley Town and Paul Love (Chief Information Security & Privacy Officer) shared three common COVID-19 fraud schemes to watch out for at our recent FraudBuzz webinar (click here to watch a recording):
- Phishing Emails Disguised as COVID-19 Resources and Information
Federal agencies are reporting an increasing number of emails, calls and text alerts disguised as COVID-19-related resources that contain malicious links and attachments. For example, a group of cybercriminals recently sent around a fake map of COVID-19 infected areas which installed malware when clicked. (Malware is a piece of software designed to steal data, damage devices, etc.) The Department of Justice has responded by reminding people to only visit CDC, WHO and government-sponsored resources for COVID-19 related information (TIP: look for the “.gov” in the website URL and check that there is a lock icon next to it). The Federal Communications Commission (FCC) also published a very helpful online resource containing samples of some of the common COVID-19 phone scams that have been making rounds lately (listen here).
(An example of a phishing email “from” the WHO; Source: FTC.gov)
Similarly, cybercriminals are looking for information security holes within your credit union, says Love. Particularly, as more employees are shifting to remote work, hackers are sending emails that mimic employers in order to try and extract personal or financial information from employees: “it is more important than ever for your employees to practice good data hygiene by not opening or clicking suspicious emails but also reporting them to their Information Security team.”
- Fake Testing Kits, Masks and Deep Cleaning Services
Attempting to cash in on consumer’s fears and concerns around COVID-19, fraudulent companies and websites have been popping up offering non-certified masks, gloves, hand sanitizers and even fake coronavirus testing kits. The DOJ recently shut down a website claiming to offer at-home coronavirus testing kits and requesting credit card information. Another popular scam is companies offering “deep cleaning” products and services that claim to rid your home of COVID-19.
Federal authorities also warned of fake products being sold on popular online marketplaces such as eBay or Amazon. In fact, Amazon has reportedly removed over one million fake or overpriced COVID-19 products from its online marketplace.
The abundance of these phony products and services will inevitably lead to a rise in transaction disputes as members either don’t receive them or dispute the legitimacy of them, claims Town. To help prevent this from happening, members should be reminded to run a quick Google search on any product or vendor as well as check other customer reviews for red flags before buying. There are also online services such as Fakespot.com that allow you to check whether a company or the reviews for that company are fake.
- Investment and Charity Schemes
Regulatory agencies have also warned consumers to be on alert for investment schemes offering “safer” and “guaranteed” returns in the face of market volatility. Typically using language that creates a sense of urgency, these scams tend to target older consumers concerned about losing their retirement savings.
Similarly, fraudsters are also looking to exploit the generosity of consumers by creating fake online charities or soliciting donations through direct or instant money transfers to support individuals or areas affected by COVID-19.
In both situations, members should be reminded to never share personal or financial information with an unknown source and to only engage with accredited, reputable organizations.
Best Practices for Identifying and Stopping Fraud
In addition to sharing the above tips with your members, there are a number of proactive steps your credit union and members can take to help minimize the risk of fraud:
- Review and adjust transaction limits. Consider working with your core processor to set up transaction limits at the cardholder-level. Members that use CardNav by CO-OP with their credit or debit cards can also do this themselves from the convenience of their phones.
- Look for unusual spending behavior. Work with CO-OP’s experienced Fraud Analysts and your core processor to closely monitor cardholder transactions and look for any unusual spending patterns that may indicate fraud. As a reminder, all 9.7 million accounts on the CO-OP Shared Branch Network are also monitored by our advanced, machine-learning powered solution COOPER Fraud Analyzer.
- Use fraud text alerts. Remind members to actively check and respond to fraud text alerts they receive on any suspicious activity within their account. CardNav users can also set up custom alerts for specific transaction types and dollar amounts within the app.
- Stay informed. The best way to get ahead of fraud is to stay informed. Join us at our monthly FraudBuzz webinar, where our panel of experts share the latest fraud-related news and best practices for protecting members. Please register for our next Fraudbuzz on April 16.