How a global pandemic created a breeding ground for wire fraud

For many organizations, COVID-19 brought normal operations to a halt last year. The effects are still being felt today, as remote working and online transactions have become a necessary norm. In addition to large-scale economic disruption and concerns over mental health, the pandemic brought with it another unwelcome side effect: a boost in wire fraud.

In some situations, electronic processing of payments through wire or e-transfer became the only available payment method, which was challenging for organizations that relied on making payments through cheque or cash.

But the impact hasn't been felt by those organizations alone. The risk of wire fraud increased across multiple sectors, thanks to a lethal combination of disrupted workforces, economic uncertainty, rapidly changing business processes and controls, and an increase in electronic money transfers.

The situation has only intensified over the long-term, as organizations deal with increased staff turnover, lack of regular face-to-face interaction, and in some cases, the necessary pivoting and transformation of the way they do business.

What is wire fraud?

Wire fraud is a type of scam that involves the transfer of money from an individual or organization to a fraudulent recipient—usually over email or phone.

Emails often appear to be legitimate because they seemingly come from familiar customers or vendors. These emails normally include a request for payment, but the account to which they normally send the money has been altered by the scammer.

Once the funds have been processed, recovery is often very difficult. Consequently, the financial and reputational impact to an organization can be significant.

The faces of fraud and the tactics they use

Early on in the crisis, the Federal Bureau of Investigation (FBI) indicated an expected spike in business email compromise scams related to COVID-19. Of particular concern was the targeting of health care providers and government organizations around the purchase of supplies or personal protective equipment (PPE).

Fraudsters, unfortunately, didn't disappoint. News outlets and organizations such as The Canadian Anti Fraud Centre (CFAC) reported a sharp increase in COVID-related scams. Among the more recent are fraudsters targeting pandemic relief funds, such as the alleged theft of $30 million by an Ontario government employee, or the attempted wire fraud of more than US$550,000 in Seattle.

Others noted by the CFAC include fraudsters pretending to be:

• Familiar senders offering information on vaccines via email or text message
• Private companies offering treatments or COVID-19 test kits
• Cleaning companies providing COVID-19 sanitation services or 'air filters'
• Charities offering 'free' PPE
• Local utility companies threatening to disconnect services
• The World Health Organization (WHO) providing lists of infected people in your community
• Financial advisors offering lucrative investment opportunities
• Government agencies requesting personal or health information

Scam tactics such as phishing, vishing, malware, impersonation, or social engineering haven't changed, but COVID-19 has heightened the pace. Fraudsters are capitalizing on the fear and anxiety created the pandemic, as well as well as weaker home security networks and an increased reliance on online transactions, to lure individuals into disclosing confidential information, installing unauthorized software that compromises security, or making payments to financial accounts owned by criminals.

How can your organization protect itself against wire fraud?

From asking the right questions to keeping up-to-date on training and processes, there are steps that you can take to mitigate the risks of wire fraud.