Online bandits are decreasing their schemes against businesses but increasing COVID-19 scams aimed at consumers, according to a report released Tuesday by TransUnion.
Suspected fraudulent digital transactions against businesses worldwide dropped nine percent from the lockdown phase of the pandemic (March 11 to May 18) to the reopening phase (May 19-July 25), noted the quarterly report on global online fraud trends by the Chicago-based transaction security solutions provider.
That contrasts with surveys done by TransUnion for the weeks of April 13 and July 27, which found a 10 percent jump in consumers targeted by digital COVID-19 scams.
“With the rush for businesses to go digital, as many were forced to go completely online almost overnight, fraudsters tried to take advantage,” Shai Cohen, senior vice president of global fraud solutions at TransUnion, said in a statement.
As those businesses ramped up their digital fraud prevention solutions, he continued, the fraudsters took their scams elsewhere.
“Conversely with consumers,” he added, “fraudsters are increasingly using COVID-19 to prey on those persons who are facing mounting financial pressures.”
TransUnion’s findings suggest that there may not be as much low hanging fruit among businesses for scammers as there used to be.
“Businesses have become a bit more vigilant regarding cybersecurity at the present time,” observed Adam Laub, CMO of Stealthbits, a cybersecurity software company located in Hawthorne, N.J.
“What were layups for bad actors previously perhaps don’t work with the same degree of success because cybersecurity has become more top of mind,” he told TechNewsWorld.
Nevertheless, he cautioned that most organizations still suffer from the same vulnerabilities and exploits they had previously.
“It’s just a little bit harder to get through the front door,” he said. “Once in, however, attackers will traverse networks, escalate privileges and execute their missions with relative ease.”
Weaponizing Fear and Uncertainty
On the other hand, Laub continued, the closing of physical locations for shopping has increased e-commerce activity. “That makes consumers — just from a sheer numbers perspective — an easier target than business at this point in time,” he said.
“When businesses don’t have their eye on the ball, they are by far the more attractive target,” he added, “but when they do, they’re a much tougher nut to crack for the average cybercriminal.”
Melody J. Kaufman, a cybersecurity specialist for Saviynt, an application and infrastructure security provider in El Segundo, Calif. explained that businesses have quickly adapted their security measures to accommodate remote workers over the last few months.
“This security shift has improved processes and procedures in many areas over organizations including phishing training and awareness,” she told TechNewsWorld. “This level of awareness makes businesses harder targets now.”
That’s not the case with consumers, she continued, who — whether they’re savvy with technology or not — are generally not familiar with the wide varieties of phishing campaigns that exist such as smishing and vishing.
“Bad actors find it easier to weaponize the fear and uncertainty of national events, including COVID-19, and this helps their attacks and scams yield valuable results,” she said.
“Fraudsters enjoy times of uncertainty,” added Trace Fooshee, a senior analyst with the Aite Group.
“They flourish in times of crisis,” he continued. “They take advantage of crisis because crises tend to introduce a level of heightened emotion when people lower their guard a little bit. People can be more gullible when their emotions are being preyed upon.”