COVID-19 Payment Processing & Cyber Scams to Be on the Look Out for

Fraud unfortunately never sleeps and even with everything that is going on with Coronavirus (COVID-19), fraudsters remain in action.

The Marketing and Risk and Loss Prevention Teams here at Priority Payments Local in Central, NJ (a financial technology and payment processing company) have been keeping an eye open for trending payment processing, fin tech, and cyber scams surrounding the COVID-19 pandemic. Don’t fall prey to them. 

Payment Processing Fraudulent Activity: COVID-19

Request to Offline Transactions

If cardholders are asking merchants to offline credit card payments, this should raise a red flag for potentially fraudulent activity. 

An offline transaction is a type of payment method in which a transaction is made that transfers funds from a checking account to a merchant across a digital credit card network.

If you currently use our NJ payment processing company for accepting credit cards and come in contact with a customer who requests to offline a payment, contact our Risk and Loss Prevention Team right away at 732-372-0484 with this cardholder information:

  • Full name
  • Billing address associated to the card
  • Phone number 
  • Copy of driver’s license

An Influx in Consumers Running Chargebacks

There has been an influx in businesses, particularly restaurants, offering pick up and delivery – two services that many never offered before COVID-19 or only offered with a signed card receipt. In an article we wrote prior to Coronavirus, we noted five ways to prevent chargebacks. But now, due to social distancing most of the ways to reduce chargebacks have changed.

Until merchants can once again process payments in person with their credit card terminal machines that have chip readers (EMV readers), make sure every single customer signs their receipts and copies of these receipts are saved, employees can ensure that credit cards being used are not expired, and employees are not accepting credit cards without signatures on the back of them, we advise taking pick up and delivery payments with e|tab, only. 

While there is no guarantee that any best practice can reduce chargebacks, e|tab does not see many chargebacks, especially from the food industry. Why is this?


Poor communication = incorrect orders.

When customers place their food order over the phone, communication is not always clear and as a result, the way food is prepared and what type of food the customer would like along with its condiments may be prepared incorrectly. Some customers rather contact their credit card company and run a chargeback would rather than call the restaurant and explain the issue with the order then ask for a full refund, partial refund, or order replacement. 

e|tab increases order accuracy. 

With e|tab, customers place their orders themselves, selecting exactly what they want. In return, the room for error is reduced by 50 percent.

There’s a record of orders.

Although orders placed with e|tab are still “card-not-present” transactions, merchants have a greater chance of winning e|tab chargeback cases because they can show a record of transactions that were made. With phone orders, unless calls are recorded (which would be a consuming process to identify), there’s no record of transactions ever being made. 

Stay tuned for a follow up blog post on what else you can do to help prevent chargebacks in wake of COVID-19. 

General Cyber Security Threats: COVID-19

Phishing Threats

On March 9, the United States Secret Service issued a press release noting the COVID-19 (Coronavirus) phishing alert. While phishing threats are far from new in the financial technology and payment processing space, the Secret Service notes that the Coronavirus is a prime opportunity for enterprising criminals because it plays on one of the basic human conditions … fear. Fear can cause normally scrupulous individuals to let their guard down and fall victim to social engineering scams.

What is phishing? 

Also as noted in the press release, phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to entice individuals to reveal personal information, such as passwords and credit card numbers. Phishing scams have become ubiquitous through email communication and ecommerce. 

Phishing and Coronavirus

Cybercriminals are exploiting the Coronavirus through the wide distribution of mass emails posing as legitimate medical and or health organizations. In one particular instance, victims have received an email purporting to be from a medical/health organization that included attachments supposedly containing pertinent information regarding the Coronavirus. 

This can lead to either unsuspecting victims opening the attachment causing malware to infect their system, or prompting the victim to enter their email login credentials to access the information resulting in harvested login credentials. This type of incident enables further occurrences of cyber-enabled financial crimes such as Business Email Compromise (BEC), PII theft, ransomware and account takeovers. 

Another side effect of the Coronavirus is increased teleworking, which furthers the reliance on email for communication adding yet another multiplier to these email fraud schemes. More of these incidents are expected, thus, increased vigilance regarding email communication is highly encouraged. (Secret Service)

Coronavirus Donations for Charitable Causes Scam

Another emerging fraud scheme exploiting the Coronavirus is using social engineering tactics through legitimate social media websites seeking donations for charitable causes related to the virus. Criminals are exploiting the charitable spirit of individuals, seeking donations to fraudulent causes surrounding the Coronavirus. Increased caution should be exercised when donating to charitable organizations. (Secret Service)

Coronavirus Non-Delivery Scams

A third fraud scheme surrounds non-delivery scams. Essentially, criminal actors advertise as an in-demand medical supply company that sells medical supplies that can be used to prevent/protect against the Coronavirus. The criminal enterprise will demand upfront payment or initial deposits then abscond with the funds and never complete delivery of the ordered products. (Secret Service) 

Malicious Apps Exploit Fear

CNET’s Insight

CNET reported that fake Coronavirus tracking apps are really malware that stalks people. 

Per the article:

Researchers from mobile security company Lookout discovered an Android app called “corona live 1.1,” which pretends to be the real “corona live” app and uses the Johns Hopkins coronavirus tracker – an actual and legitimate resource for tracking infection rates, death counts and recovery rates around the world. 

While people using the app thought they were keeping tabs on the pandemic, the malicious app was actually tracking them, getting access to the device’s photos, videos, location, and camera. The camera access would allow the attackers to take photos and record videos and audio, Lookout said. 

“This surveillance campaign highlights how in times of crisis, our innate need to seek out information can be used against us for malicious ends,” Lookout said in a blog post. The security company warned against downloading apps from a third party because of the security concerns. 

Lookout’s findings aren’t the only case in which apps are using coronavirus anxiety to surveil people en masse. CNET sister site ZDNet reported that the Iranian government’s official coronavirus tracking app raised privacy concerns after users accused it of collecting phone numbers and real-time location data. 

CovidLock, image source: Domain

CovidLock

CovidLock has become a widely popular name that has been lurking around in the merchant services industry, as we are finding that many of our credit card processing clients who are located in New Jersey and New York have come in contact with it. 

Security company Domain Tools created an informative write up on CovidLock which states:

CovidLock is a mobile Coronavirus tracking app that coughs up ransomware.

Its domain is coronavirusapp[.]site which prompts users to download an Android App that will give them access to a Coronavirus map tracker that appears to provide tracking and statistical information about COVID-19, including heatmap visuals.

CovidLock uses techniques to deny the victim access to their phone by forcing a change in the password used to unlock the phone. This is also known as a screen-lock attack and has been seen before on Android ransomware.

The ransomware requests $100 in bitcoin in 48 hours on the ransom note. It threatens to erase your contacts, pictures and videos, as well as your phone’s memory. It even claims that it will leak your social media accounts publicly.

For additional information on CovidLock, read Domain Tools’ full write up

8 Ways to Help Protect Yourself and Your Employees Against Phishing/Social Engineering Attacks

Now that you know the risks that have been on our radar in wake of Coronavirus, here are eight ways to protect yourself and your employees from them.

  1. Reduce unwanted email traffic by install and maintaining basic security protections, including firewalls, anti-malware software and email filters to prevent known malicious IP addresses or domains for example.
  2. Resist the urge to click links in a suspicious email; visit websites directly.
  3. Be sure you’re at the right website when downloading software or upgrades. Even when using a trusted site, double check the URL before downloading to make sure you haven’t been directed to a different site.
  4. Use basic security tools that block malicious intruders and alert you to suspicious activity, including firewalls, anti-virus, malware and spyware detection software.
  5. Keep computers used for social media sites, email and general internet browsing separate from computers used for processing financial transactions.
  6. Change passwords on computers and point-of-sale systems (including operating systems, security software, payment software, servers, modems, and routers) from the default ones the product came with to something personal to you but that is difficult to guess – such as combining upper case letters, numbers and special characters, or using a passphrase.
  7. Requiring another form of ID, such as security tokens to make it harder for hackers to falsify an account.
  8. Update system passwords regularly, and especially after outside contractors do hardware, software or point-of-sale system installations or upgrades.

These tips were sourced from the PCI Security Standards Council. Read the full article for additional tips: Beware of Covid-19 Online Scams and Threats

Have risk or loss prevention questions?
Submit an inquiry to our Risk and Loss Prevention Team. 

——

Priority Payments Local is dedicated to keeping merchants updated on ways they can improve their business, especially during these difficult Coronavirus times. Our company is headquartered in Central, NJ, 50 miles south of Manhattan, New York. With New York City currently having the most Coronavirus cases, we understand businesses are struggling and are here to help. Contact us anytime! 

Marisa Sanfilippo
Marisa Sanfilippo
Marisa Sanfilippo is the Director of Marketing and Strategy for Priority Payments Systems Local, a payment processing company that is headquartered in Central, NJ. As part of her role, she educates merchants on the power of contactless payments, Net Zero Fee processing, and more.

Leave a Reply

Your email address will not be published. Required fields are marked *