Fraud is skyrocketing on payment platforms amid COVID-19 — are you protecting yourself?

Criminal gangs are targeting you and your payment accounts during COVID — but this is not the type of popularity you want.

Image for post
Image for post
Photo by Sharon McCutcheon on Unsplash

Winston Churchill famously said, “Never let a good crisis go to waste.” In other words, Churchill’s understanding of human nature can also be applied to the current COVID pandemic. This is especially true when it comes to cybercrime and fraud.

As I wrote in 20 ways to protect yourself from COVID-19 & stimulus payment scams, cybercriminals and scammers are also out in force. Ironically, they were relatively quick to mobilize during COVID, often quicker than the relief groups. And it is not just COVID — whenever there is a natural disaster, scammers often react before international aid arrives on-site.

Similarly, Dov Lerner, Security Research Lead at Sixgill, notes that threat actors and fraudsters have a long history of finding opportunity in crisis. Financial fraud increased drastically after the attacks on 9/11 and after the 2008 downturn.

His research shows just how quickly criminal schemes can react to changes in the economy. For example, between March 2020 and May 2020, the earliest days of the pandemic, payment platforms such as Cash App and PayPal saw an almost 11% increase in usage. This spike resulted from increased online shopping and a jump in people sending money to cash-strapped friends and family.

With COVID being one of the biggest catastrophes of the last 50 years, scammers and fraudsters were also not going to let this crisis go to waste. Sixgill research counted the number of times the 14 largest payment platforms were mentioned on deep and dark web forums and messaging platforms frequented by hackers and criminals. From February until the peak in May, the total number of mentions rose 262%.

While he never really said it, Willie Sutton knew that banks were the place to rob since that’s where the money is. In 2020, the money is in the payment platforms. These payment platforms have numerous weak points that can be exploited. With the rise in payment platform attacks, it is more important than ever that users ensure they are using all of the security controls made available to them.

Some of these controls are worth repeating:

  • Follow all of the good security practices you are accustomed to. There are no new techniques with COVID scams. They are just using COVID as a means to deceive you. They are using old techniques via a new crisis.
  • Enable 2FA (two-factor authentication) for your accounts on payment platforms.
  • Use difficult to guess passwords for each payment platform and ensure you use unique ones for each platform.
  • Be vigilant for phishing scams. If you have an account on a payment platform, you are a potential cash cow to attackers.

Online payment platforms make payment and money transfer seamless and easy. But with that ease of use for the user, is the corresponding ease in which cybercriminals can gain access to and drain all of your funds.

You are a target. Make sure you act like one and protect your payment accounts accordingly.

I work in information security at Tapad. Write book reviews for the RSA blog, & a Founding member of the Cloud Security Alliance and Cybersecurity Canon.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store