Increase in phishing scams, malware campaigns, fraudulent websites associated with Covid-19 : Report

Online shoppers in India are growing at 73% for Tier-I cities and this growth is staggering 400% for Tier-II and III cities, according to a report. The growth is the result of the rapid adoption of digital payments and internet availability in the country. However, this has also given rise to scams related to Covid 19 such as web-skimming, malware campaigns and phishing scams, the report read.

The report- Fraud & Risk Management in Digital Payments by the Data Security Council of India (DSCI) in partnership with PayPal discusses the online payment frauds, threats in the payment ecosystem, importance of incorporating better fraud prevention strategies, role of upcoming technologies, and recommendations for various stakeholders involved in the payment ecosystem.

According to the report, the e-commerce market is expected to grow to $200 billion by 2026 from $50 billion in 2018. It added that the internet user base is expected to grow to 835 million by 2023 from 560 million in 2018.

“MSMEs adopting digital channels and transformation have grown twice as compared to their peers using traditional approaches. Digital payments are on an accelerated growth path with UPI alone clocking 1.49 billion in volume and $41 billion in transaction value in July 2020. The retail sector is increasingly leveraging advanced AI technologies like machine learning, computer vision, conversational AI, Data Science and NLP to bring out better user experience,” the report said.

Frauds in e-commerce include fraudulent claims, chargebacks, fake buyer accounts, promotion/coupon abuse from the buyer. Other frauds include account takeover, identity theft, card detail theft, triangulation fraud, etc.

Steven X. Chan, Senior Director, Head of Government Relations, APAC, PayPal Inc, said, “India has been the forefront of digital transformation in this pandemic. However, there is a dark side to it. There has been an increase in scams associated with Covid-19, such as charity scams, phishing scams, fraudulent websites, fake mobile apps and supplier scams. According to India’s Home Ministry, cybercrime has increased by 86% between the month of March and April, and personal data is the most attractive target as millions of consumers have fallen victim to malwares.”

Rajesh Pant, National Cyber Security Coordinator, GoI, said, “In the government sector we have a national informatics Center. Few weeks after the lockdown, the number of emails a day jumped to about 70 million from 20 million. This digital explosion, which was supposed to happen after five years has suddenly happened in five weeks. This digital transformation also requires fraud and risk management. According to the Ministry of Home Affairs, two lakh cybercrime cases have been reported in one year with more than 90% of them being financial frauds.”

The report also looked at future fraud possibilities amplified by Covid 19. These include spoofing of current fraud prevention & detection mechanisms which rely on control parameters like location information; device identifiers like IMEI, MAC address; goods/services identities like SKUs/Barcodes. There is a possibility of exploitation of supply chain vulnerabilities at system & human process interchange, the report said.

The report provided recommendations for sectors to mitigate the risk of payment frauds such as performing regular risk assessment, threat monitoring and advanced data analytics for retailers; adopting security & privacy first culture with commensurate investments in cyber security for payment industry and improving laws & legal ecosystem for speedy resolution of cases for policy makers.

“We are actively working with various parts of the government and the private sector partners in India to help support small businesses and communities, in this time of need. For example, PayPal recently partnered with the Ministry of IT on a digital financial literacy program, providing training on safety and security, using various types of digital payment platforms to rural communities across India. And to date we have trained over 20,000 Indians across five states, and we expect to do more,” Chan said.