How to protect your business from common Covid-19 scams

As the Covid-19 crisis has shown how quickly criminals are able to invent new scams and re-purpose old ones, Christian A. Chmiel, Web Shield’s CEO examines some common Coronavirus scams

Furthermore, he explains how acquirers and payment service providers (PSPs) can safeguard their businesses and bottom line.

In the long history of humankind, those who learned to collaborate and improvise most effectively have prevailed, said Charles Darwin, the father of evolution. Criminals have certain natural advantages in this regard. They are frequently well funded, highly skilled, creative, entrepreneurial, and lack scruples.

In contrast to firms in the legitimate economy, criminals do not have to justify activities through endless committees. Or quality assure new scams in depth before releasing them into the wild. This makes them well-placed to collaborate and improvise to capitalise on Covid-19. It also makes them a wily adversary not to be underestimated.

However, it’s not just criminals that can adapt and evolve. Compliance professionals can, too. It’s actually something they’re quite good at, because compliance is dynamic by nature. Anything can change in a business, a merchant’s business or the external environment. Therefore, compliance professionals are used to operating in business-as-unusual times.

Curing the fraud virus

Merchants must not dispense or offer to dispense medicines that are not licensed for sale. A medicine may be licensed for sale in one country but not in another. The internet facilitates cross-border sales, yet transactions must be legal in both the country of the buyer and seller, according to card scheme rules.

For the avoidance of doubt, there is no cure for Covid-19 at the time of writing. Anti-malaria drug chloroquine has been touted as a possible treatment. However, when a medicine is licensed, it is for a particular indication, at a particular dosage, route of administration and so on. A medicine may be licensed for the treatment of malaria, but merchants cannot legally sell or dispense it to treat other illnesses.

How goods are sold is as important as what goods are sold. If a merchant uses deceptive sales and marketing practices, which violate consumer protection laws or trading standards legislation, transactions for legal goods may become illegal. This includes making false and misleading claims about the efficacy of medicines and health supplements. Regulators have been particularly vigilant in taking unscrupulous merchants to task for touting bogus Covid-19 cures.

As an example, over the course of the last months, the US Federal Trade Commission (FTC) has sent warning letters to companies making unsubstantiated claims about Covid-19. The alleged cures ranged from intravenous vitamin C infusions and nasal sprays to skincare products, acupuncture, electric current devices, and of course nutraceutical supplements. With so many ‘cures’ available to the public, the pandemic should already be over, one would think.

Taking advantage of an emergency

Governments worldwide have announced financial support packages for individuals and businesses due to Covid-19. Unscrupulous criminals are exploiting this to set up advance fee frauds.

Scammers convince their victim to pay a fee to release a government refund, rebate, or disbursement. Or they exploit people’s financial vulnerability with offers for payday loans or debt consolidation. Payments are requested via plausible means, such as payment card or bank transfer, but then the promised funds never materialise.

Criminals have also successfully re-packaged investment scams with a Covid-19 wrapper. For example, using stock market uncertainty as a result of Coronavirus to persuade victims to invest in non-standard, unregulated or bogus schemes for carbon credits, cryptocurrency, gold and so on.

The card schemes react

In response to recent trends in illegal or brand-damaging activity, Mastercard has updated its Business Risk Assessment and Mitigation (BRAM) program. The changes around Covid-19 scams, but also celebrity endorsements, electronic nicotine delivery systems (ENDS) and gambling regulations were effective June 30, 2020.

The sale of any goods or services, either through an affiliate marketer or directly from the merchant of record, that purports to test, cure, treat or prevent Covid-19, will be considered a BRAM violation. This is for as long as these goods and services have not been approved for sale by the relevant government or regulatory authorities (AN 4175 Update for the Business Risk Assessment and Mitigation Program, Mastercard).

How service providers can help

Deceptive sales and marketing can render any card transaction illegal, even if the goods and services sold are perfectly legal. Every merchant type is susceptible, because it is not what the merchant sells, it is how they sell it that creates acceptance risk for acquirers and payment service providers.

Any merchant scamming their customers is also scamming their acquirer. It is crucial to underwrite wisely and remain vigilant at both the merchant on-boarding and monitoring stage. Service providers like Web Shield can give you a competitive advantage here. Web Shield adapts quickly to changes in the risk landscape and its solutions accommodate the high-brand risk BRAM program, including its most recent Covid-19-related updates. Its deceptive traffic detection identifies the tell-tales signs of deceptive marketing schemes. Especially in the current volatile fraud environment, having this kind of flexible support in your compliance arsenal pays dividends.

In times of crisis, collaboration is key

Crisis like Covid-19 call for cooperative efforts across the industry to address challenges that impact us all. Finding and discussing new ideas is key. The upcoming RiskConnect Virtual conferences aims to provide one such platform. It features presentations and panels with thought leaders, industry players, regulators and think tanks from the payment industry and beyond.

About Christian Chmiel

Christian A. Chmiel, CEO and founder, Web Shield is responsible for the development and implementation of investigation techniques to identify fraudulent or brand-damaging online merchants. He is also a lecturer at the Web Shield Academy and has published several books about fraud, investigations, and accounting.

About Web Shield

Web Shield has been equipping the payments industry with tools to protect businesses from merchants involved in illegal or non-compliant activities since 2010. Our highly precise solutions enable acquirers, PSPs, and other financial organisations to evaluate new merchants and monitor existing ones, thereby saving both time and money.

Web Shield also organises RiskConnect, a networking conference for risk management professionals. This November, RiskConnect is going virtual. Delegates can access hours of great keynotes, presentations, and panels, featuring industry experts online for free. Registration is now open.