The COVID-19 pandemic is a social, public health and economic crisis, but it is also proving a lucrative opportunity for fraudsters, organised crime gangs and hackers, with a significant increase in the number of fraud events and cyberattacks since the onset of the crisis. At a time of degraded operations and personal anxiety, organisations and individuals are at their most vulnerable, so how can treasurers protect their financial and data assets, and shield their employees, at such a challenging time? Many of us are working and socialising in different ways, from Zoom meetings and exercise classes to Houseparty quizzes and drinks parties. Criminals are exploiting this new traffic, for example with fraudulent meeting invitations, to spread malware.
“We started to see coronavirus-related malware campaigns at the start of 2020. These continued in February but have expanded massively in March and April. During this period, we have seen a 500% rise in COVID-19-related phishing emails, and three or four campaigns targeting 200,000 users or more every day. In a period of one week alone, over 50,000 malicious domains relating to the pandemic were registered for fake apps and information sites etc., designed to harvest user credentials and create misinformation and deception campaigns.”— Ingvar Van Droogenbroeck, Partner, PwC
The risk of fraud, whether originating internally or externally, has also increased during the crisis. People are more isolated, and therefore more susceptible to fraud, particularly given additional distractions of children at home, personal anxiety and possible sickness. Business continuity processes and controls may differ from normal if access to treasury tools is reduced and/or staffing levels are constrained.
All industries are vulnerable to the elevated risk of fraud and cyberthreat, but many criminals have targeted healthcare sectors and hospitals in particular, as they seek to exploit the extreme pressures that these organisations are facing. Identity theft continues to predominate, but fraudsters have quickly adapted to current events and exploited the crisis. We are seeing a particular surge in supplier fraud as criminals pose as suppliers of medical and protective equipment, but other types of identity theft, such as CEO fraud and technician and support fraud, still pose significant risks.
“Fraudsters setting up professional-looking websites and posing as genuine suppliers are exploiting many companies’ urgency to acquire equipment such as face masks and sanitizer. Some organizations have experienced losses of hundreds of thousands and in some cases, even millions of euros. As a variation on CEO fraud, scammers are using the crisis to request the urgent transfer of funds, for example in order to make charity donations. Treasurers are reporting fraudsters impersonating subsidiaries. Highly convincing emails and phone calls are claiming a lack of liquidity during the crisis and requesting funding, but using fraudulent bank details. Fake technician fraud is also prevalent, such as pretending to be the bank to help resolve incorrect or incomplete payment files.”— Nicolas Trimbour, Head of Fraud Prevention and Data Intelligence, Cash Management Competence Centre, BNP Paribas
Tackling the changing but ever-present threat of fraud and cyberattack is not a responsibility for one department alone, but a shared responsibility in which every individual plays their part, for example:
Make sure that employees know that you will never ask them to make urgent payments that do not follow normal procedures. Make clear in your policy that refusing to act on an instruction that is outside normal processes would never be a disciplinary offence.
Human vulnerability is the most difficult to resolve, but system and organisation weaknesses are easier to identify and address.
“We do test phishing campaigns and see how users act upon them, as well as send emails with benign malware to test whether emails pass through firewalls and other defences, and arrive in end user mailboxes. We also conduct network compromise assessments to determine whether networks have been breached, often weeks or months ahead of attacks actually being exploited. Parameter scans identify elements that are accessible from outside the organisation and that may be susceptible to attack.”— Ingvar Van Droogenbroeck, Partner, PwC
In addition, banks such as BNP Paribas provide extensive materials, awareness kits and value-added solutions to help advise and protect clients against fraud and secure their flows.
“The corporation itself is the first line of defence, so companies need to maintain segregation of duties, including four-eye and six-eye verification of key actions, as far as they possibly can during the crisis. The bank is the second line of defence, and we have invested in sophisticated detection tools to identify transaction anomalies using machine learning and artificial intelligence. We also participate in community efforts, such as SEPA Mail Diamond in France to work collectively to verify settlement instructions”— Nicolas Trimbour, Head of Fraud Prevention and Data Intelligence, Cash Management Competence Centre, BNP Paribas
It would be wrong to assume that, as some countries start to relax restrictions, the threats will disappear.
“We see the crisis in three waves:
i) ‘survival mode’ that we are in currently;
ii) the restart period as restrictions start to lift, and
iii) the longer term rebuild phase.
While it might appear that the greatest opportunity to abuse systems and practices is during the first of these periods, the risks of fraud extend into the medium and long term as uncertainty remains and new opportunities for fraud emerge”— Rudy Hoskens, Partner, Head of Forensic Services, PwC
When people start returning to work, for example, businesses will be buying up masks, cleaning products and hand gel to maintain a safe and hygienic working environment, so fraud is likely to increase at that time as fraudsters take advantage of demand. However, the COVID-19 crisis has shown us how adaptable individuals and organisations can be, and the ingenuity and resourcefulness of so many people. Together, we can channel that same resolve, adaptability and common purpose to protect employees and assets, and reduce both the opportunity and value that fraudsters can derive from the crisis.
“Fraud and cyberattack are on the rise. If something doesn’t look or feel quite right, don’t do it”— Ingvar Van Droogenbroeck, Partner, PwC
“Stay informed about the potential threats, and remain vigilant”— Nicolas Trimbour, Head of Fraud Prevention and Data Intelligence, Cash Management Competence Centre, BNP Paribas
“Use analytics wherever possible as an additional layer of protection. Be particularly careful when dealing with new suppliers.”— Rudy Hoskens, Partner, Head of Forensic Services, PwC
2020 is the fifth anniversary year of the Journeys to Treasury partnership, comprising BNP Paribas, European Association of Corporate Treasurers (EACT), SAP and PwC. We are marking this special alliance with a ‘Journeys to Treasury Bitesize’ series, providing topical insights and support for treasurers as they navigate this challenging period.