Fraud Scam Predictions and How to Combat Them is the first post in a special five-part blog series aimed at helping banks, acquirers, and merchants navigate risk during the COVID-19 (coronavirus) crisis. For more information on how to fight fraud during the pandemic, check out How to Stop Fraudsters from Exploiting Coronavirus.

Welcome to the Un Times. Unprecedented, uncertain, unstable. As the coronavirus pandemic wreaks havoc on global economies, devastates nations, and upends private lives, we find ourselves in an unknown reality.

While all this “un-ness” leaves us feeling undone, there are things we can do to prepare for the difficult months ahead and to stay on track for the recovery period that will surely arrive, albeit not as quickly as we’d all like.

It’s critical for banks, merchants, and acquirers to prepare for the expected increase in coronavirus fraud scams.

Why coronavirus fraud scams will increase

  • Practicing social distancing drastically alters daily life but, that’s not the case for fraudsters who typically work from home alone. For them, it’s business as usual.
  • Anxiety, fear, and the disruption of daily routines understandably distract consumers. When you’re worried about necessities and finding it difficult to secure toilet paper or flour, you’re not paying attention to fraud. Small, fraudulent charges, which you normally would have spotted right away, can take weeks or months to uncover.
  • Fraudsters exploit consumers’ fears, particularly around scarcity. They offer impossibly great prices or full stock on items that are difficult to find. The consumer thinks she’s found a great deal, but what actually happened is the fraudster accessed her personal account information.
  • Organizations layoff staff, and there just aren’t enough fraud analysts. Smaller teams suggest each analyst must review more alerts, often utilizing bulk approvals; the risk of human error increases.
  • As fraud teams work from home, they lose touch with each other. Usually, there’s lots of communication on a fraud team. “Be careful with this zip code. Watch out for that BIN.” Those conversations happen all day long. Working in isolation means those conversations aren’t happening.

We expect fraud attacks to increase, while at the same time, legitimate transactions to decrease in every sector except for groceries and alcohol. We already see a sharp drop in transactions, particularly those related to travel, hairdressers and barbers, restaurants, service industries, and hospitality. When fraud increases and transactions decrease, the impact of fraud inevitably increases. To help combat the rise in fraud losses, organizations must anticipate the types of schemes fraudsters will use in order to prevent them.

Here are five trends we expect to see over the coming months, and tips to help prevent them:

Account takeover fraud

Account Takeover (ATO) is the act of obtaining access to a person’s online account. It can include any type of online account, including social media, but usually focuses on accounts that criminals can steal money from. For example, a hacker would access a victim’s online banking account and transfer those funds to their account.

Account takeover fraud nearly doubled from 380,000 victims in 2017 to 680,000 victims in 2018.

We expect ATO fraud to exponentially increase and become a major form of fraud. But ATO doesn’t live in a vacuum. When ATO increases, other types of fraud increase as well.

Think of ATO as another virus we have to deal with. It attaches itself to multiple fraud forms and replicates.

The DNA of Account Takeover Attacks

How can banks and merchants prevent account takeover fraud?

  • Trigger a rule if the number of transactions made by a particular customer is considerably higher than the daily average number of transactions made in the past.
  • Raise an alert if an unknown sender makes one or more wire transactions.
  • Regularly compare the number of logins from one period with the number of logins for the past 48 hours.

Employment Fraud

Oxford Economics projects 20 million Americans will lose their jobs in the next few weeks, and Goldman Sachs predicts the US GDP will shrink 34% within three months. Sadly, the numbers don’t look better on the other side of the pond. City A.M. reports the unemployment rate in the U.K. will double reaching 8% in April, hold steady at that high number through June, and then raise .5% for each month in the following quarter. Most of these job losses will come from the retail, restaurant, and hospitality industries.

These figures are shocking and more than a little distressing, and fraudsters are well aware of that. They’ll exploit fear and desperation. In this environment, one specific fraud type customers should be educated on is employment scams. In this scenario, scammers send money to their new “employees” and ask that the employee send the money to someone else, often via gift card or transfer. If the scammer sent the employee the money via check, it’s no surprise that the check usually bounces. If the scammer requests that the employee provide their bank account information, you can guess what happens next.

How can banks and merchants educate customers about employment and money mule scams?

  • Send communications to customers, letting them know about these scams.
  • Warn customers to refuse jobs that ask them to transfer money or provide their bank account information.

Phishing, pharming, vishing, and smishing

Phishing, pharming, vishing, and smishing scams are email, website, phone, and text messaging-based scams, respectively.

Regardless of the technology used, the basic premise is the same. A scammer tricks his victims into thinking he’s a legitimate source by using an established company’s logo, phrasing, and tone of voice. The victim then unknowingly provides access to their accounts.


Phishing emails con victims into sharing passwords, usernames, account details, and other sensitive information.


Pharming scams install malicious code on a computer, which then redirects users to fraudulent websites without their knowledge. The user thinks he is shopping on a known merchants site because it looks like the merchant’s legitimate site. Pharming scams have evolved to include fake apps on legitimate app downloading sites such as Apple Store and Google Play.


Vishing attackers call victims in an attempt to get them to share personal information, such as a social security card number or a national insurance number. As countries issue stimulus checks and extend unemployment benefits, we expect a steep increase in vishing attacks.


Scammers send links via text. When victims click on the link, they’re unknowingly redirected to a pharming site, which often resembles their bank’s website or a government site.

How can banks and merchants prevent phishing, pharming, vishing, and smishing scams?

  • Remind customers of safe online and telephone practices.
  • Implement a default rule to capture user patterns associated with these fraud scenarios, such as raising an alert if a sender makes transactions within 90s minutes that are above a defined threshold to distinct new recipients.

Credit card fraud

Hackers steal credit card account numbers, PINs, and security codes to make unauthorized purchases.

The global shift from cash to contactless payments for essential purchases such as groceries means we’ll see a marked increase in credit card fraud. Elderly consumers who might not be comfortable with online shopping are particularly vulnerable to this type of fraud.

How can banks and merchants help prevent credit card fraud?

  • Pay attention to the timing of transactions along with transaction velocity across different merchants and locations and monitor the most used regions.
  • Card-present transactions should decrease while card-not-present (CNP) increases with the quarantine.
  • High-value transactions have a higher risk; look at the category of merchant (grocery, retailer) to help differentiate between a good customer and a fraudster.
  • Pay attention to the high value and frequency of transactions for particular BINs. High-speed transactions from the same BIN can indicate a BIN attack or a batch of cards that were compromised.

Identity theft

In identity theft, hackers steal personal information such as social security card numbers and state-issued identification cards and use that information for personal financial gain. There are numerous ways identity theft takes place, including data breaches, unsecure internet browsing, and credit card theft, to name a few.

How can banks and merchants help prevent identity theft?

  • Educate customers on safe identity behaviors such as never carrying social security cards in wallets and using the security features on mobile devices.

Key Takeaways

Fraud attacks will increase, while transactions decrease during social isolation. This means the cost of fraud will increase. We expect mass layoffs in global retail and service industries. Fraudsters will prey on fear; expect to see an increase in employment scams. Fraudsters will also use phishing, vishing, and smishing tactics to exploit victims and gain access to accounts. Banks and merchants should conduct large scale campaigns to educate customers on the likelihood of increased fraud attacks. They should also review rules and adjust sensitivity levels for specific types of fraud.