As fraudsters evolve their strategies amid the pandemic, Wells Fargo is investing in educational tools and resources so business clients can adapt risk management policies to combat the rise in fraud.
“A lot of the fraud threats aren’t net-new, but I think what’s happening with COVID is fraudsters are figuring out a way to exploit them on a more unique basis that’s very specific to the COVID situation,” said Jinee Ellis, financial crimes manager at Wells Fargo. For instance, the San Francisco-based bank is seeing a trend of cybercriminals luring business employees into phishing attacks with alerts about colleagues testing positive for COVID-19, or important updates claiming to originate from the CDC or WHO.
“This desperate need for general information, fraudsters are exploiting that to distribute and implement phishing attacks,” Ellis said. “When an employee opens one of these fake emails and clicks on an embedded attachment or link, they could possibly download malware onto the device and that just opens the door to a lot of different fraud outcomes.”
Specifically, phishing attacks, business email compromise (BEC) and ransomware attacks are increasing throughout the pandemic, Ellis said. “At a high level, there’s just a lot more chaos out there, a lot more organizations are vulnerable and fraudsters are taking advantage of it,” she added.
Also read: PPP fraud risk could run to billions
Research from Barracuda Networks, a provider of security and network products, shows that COVID-19-related phishing attacks spiked 667% between February and March, while both the FBI and Association for Financial Professionals have issued warnings of a rise in BEC schemes related to the pandemic. “BEC is one of the biggest growing threats to businesses, even before the current pandemic,” Ellis said, adding that the criminal will often infiltrate the communication between the FI and a trusted contact with a hacked or spoofed email and request a payment account change to reroute payments to the fraudster.
Overall, cyberattacks against the financial sector have increased by 238% between February and April, according to fresh data from Modern Bank Heist Report, which surveyed CISOs at some of the largest financial institutions. Meanwhile, ransomware attacks against the financial sector increased ninefold between February and April.
As cybercriminals’ strategies evolve to exploit the gaps exposed by the pandemic, Wells Fargo has doubled down on its educational resources and marketing campaigns to business clients. “We’ve done a variety of different efforts in order to boost communications and awareness,” Ellis said, noting the bank launched a COVID-specific fraud page for business clients where it actively pushes out content and articles around rising fraud threats. In addition, Wells Fargo hosted a webinar for business clients with a focus on how fraud is evolving, and best practices for organizations to manage it.
To preserve the effectiveness of those controls, Wells Fargo declined to disclose any specifics about the anti-fraud systems and procedures the bank has implemented during the pandemic. “As threats continue to evolve, we continue to evolve our multi-layers of controls to combat fraud,” added Jim Seitz, who oversees the bank’s specific fraud prevention measures and systems.






