Cyber fraud risk and recovery during covid-19

With the slowdown in economic activity globally due to covid-19, the number of cyber fraud cases from around the world has surged. The Hong Kong Police, as well as Action Fraud (the UK’s national fraud and cybercrime reporting centre), and the Australian Cyber Security Centre have all recorded a significant increase in covid-19-related incidents reported since the outbreak of the crisis.

From supply scams related to bulk purchases of personal protective equipment to business email hacking incidents targeted at companies across sectors most susceptible to supply chain disruption – fraudsters have demonstrated a high level of technical and economic sophistication as they exploit the fear and uncertainty created by the pandemic. These frauds can be significant, leading to losses of tens of millions of dollars.

Cyber fraud is a high-volume and fast-changing global phenomenon. Our team has handled well over 100 cyber fraud incidents in Hong Kong and China. This article focuses on the latest risks arising from the current situation, and how you can recover your money and manage the impact of cyber fraud.

Common cyber frauds

Some of the schemes being perpetrated include:

CEO fraud. In this scenario, individuals (often in the finance team) are pressured or misled by email imposters (often coupled with telephone contact) into transferring significant sums of money to fund typically “highly confidential” or “secret” transactions that are said to necessitate bypassing regular internal controls.

Supplier fraud or change of bank fraud. A supplier’s emails have been hacked or spoofed, misleading the victim to change payment instructions and pay actual invoices to the fraudster. Similarly, this may also apply to banks and financial institutions that accept fraudulent email instructions from a customer.

Direct theft via hacking into sophisticated systems. Typically here, the fraudster hacks into a financial institution’s system and issues fraudulent SWIFT instructions under the guise of an existing bank customer, to transfer huge sums of money to overseas accounts. This may only be discovered by the bank the next day during its daily reconciliation exercise.

The initial breach that exposed the victim corporation or bank to these scenarios may have come from a malware-embedded link or phishing email attachment that an employee inadvertently clicked into or downloaded.