Allstar Insights: How To Combat COVID Fraud
With usual business practices on hold, criminals have more opportunities to defraud your business. In this video, Thore Vestergaard, MD, Commercial Cards at Allstar Business Solutions, explains how to stop them.
He looks at the most common types of fraud and scams during the crisis, and reveals a number of actions businesses can take to ensure they, or their employees, are not exposed.
Why are payment frauds and financial scams topical during this crisis?
In my 30 years in the payments industry I’ve experienced many crises, small and large, but I’ve never experienced one that the bad guys haven’t tried to capitalise on.
When your guard is down and your staff are preoccupied - working from home, juggling home schooling etc. - the last thing on their mind is looking out for people trying to defraud them and the bad guys know that.
What are some of the common fraud and scams to be aware of?
This is the most common and least sophisticated scam. Criminals are literally fishing for personal information, by sending emails or making phone calls, pretending to be someone they’re not. And that way, they are trying to induce you to provide personal information such as passwords, credit card numbers and PINs.
We see a host of ‘spoofing’ scams, where criminals are pretending to be from the Government, HMRC, a supplier or bank, trying to fool you into making payments or reveal banking information, login credentials, etc.
To give you an example: “Congratulations, you have been pre-approved or a £25,000 Covid-19 SME relief grant. All you have to do is pay a £300 processing fee before Monday.”
Don’t pay it. If it’s too good to be true, it probably is, and no Government-initiated scheme will require you to pay up front.
3. Social media
Social media surveys are trying to induce you to give out information that could potentially reveal your passwords. For example, participating in a quiz which asks you things such as “What was your favourite pet?” and “Who was your first best friend?” to win a laptop or a prize.
All they’re doing is extracting that personal information out of you, to then guess the passwords for various bank accounts, credit cards and so on.
What are the dos and don’ts for businesses to stay safe from fraud?
1. If it’s too good to be true, it probably is…
If there are threats and deadlines involved to pressurise you into submission, then you can be pretty sure that the sender doesn’t have your best interests at heart.
Don’t make the payment, don’t provide that piece of information, and don’t click that hyperlink, unless you’re absolutely 100% sure it’s genuine.
2. Reject emails that don’t seem quite right…
Reject emails that are badly written, look off, are coming from an unusual email address, or contain threatening language or too-good-to-be-true claims. They are scams.
3. Keep your information safe…
Don’t provide sensitive information such as passwords or PINs because your bank, your lender or your card provider will never ask for these - but be assured, fraudsters will.
4. Be careful about who you pay…
Don’t pay suppliers or invoices you don’t recognise. When in doubt, check with relevant colleagues if the invoice is genuine and needs to be paid. You will be surprised how many businesses fall for fake invoices every day, especially during a crisis such as Covid-19.
5. Keep in contact with your bank…
Do check your bank accounts and card statements more vigorously. If you see anything suspicious, raise it immediately with your bank or your card provider.
6. Review your internal policies…
Review your internal controls and polices to ensure you do not suffer from internal misuse. And ensure that your staff follow them too.
What advice should you give your employees about card safety?
It’s especially important to remind employees to check expense and procurement policies, which are likely to have changed somewhat due to this crisis. They need to be well-informed about what expenses they’re allowed to incur, and which they are not.
How is Allstar helping to combat fraud during this period?
We are being even more vigilant. We monitor all accounts, and get in contact with customers much more often than we would in usual times, when we see unusual spending patterns and unusual activities, just to make sure that everything is alright.
We also make technology work for us. We ask customers to digitally authenticate online transactions more often and we remind our customers to regularly check and adjust their payment controls at both card and customer level. They can do this online and in real time, 24/7.