Scammers use DocuSign API to send fraudulent invoices
CFOs, beware: cybercriminals are exploiting DocuSign’s legitimate business tools to deliver fraudulent invoices directly through trusted channels. This scheme is particularly dangerous …
With slowing growth and rising inflation, the world economy looks set to experience rocky times ahead.
Some economists are predicting we could soon face a global recession.
Even if Australia escapes dipping into negative territory, most agree the next year is likely to be turbulent. But not every industry will be impacted by a recession in the same way. Some industries don’t contract during a recession. They actually expand.
According to historical experience, one sector likely to experience a boom during a recession is the cyber-crime industry. It is safe to say that cyber-crime is recession proof.
In the blog, we explore some of the implications a recession could have on cyber-crime rates, and why it’s critical you continue prioritising cyber-resilience, even when economic times are tough.
During the 2008-2009 Global Financial Crisis (GFC) and subsequent recession, researchers noted that cyber-crime rates increased.
Their report focused exclusively on financial cyber-crime, including identity theft. It noted that financial cyber-crime increased dramatically, in part thanks to the proliferation of new technologies to regions of the world with many poor people in possession of IT skills.
The combination of poverty and technical know-how facilitated an explosion in cyber-crime opportunities. The onset of the GFC recession contributed to exacerbating the trend.
And remember – that was over a decade ago!
In the meantime, the capacity to engage in cyber-crime has skyrocketed, with a proliferation of new attack vectors, including many new malware variants.
It is highly likely that in any future recession, cyber-crime syndicates will scale up their operations to unprecedented levels, putting us all at greater risk.
Even if Australia escapes a technical recession, much of the rest of the world will likely tip into negative territory. For many people, particularly in the developing world, a global recession could literally mean starvation, or the inability to pay for life-saving medication.
And in an era of global cyber-crime syndicates, the economic situation in West Africa, Eastern Europe or South-East Asia could have a more significant impact on Australian cyber-crime rates than our own domestic economic numbers.
Just take the situation in Cambodia. Following prolonged lockdowns as a result of the pandemic, including the shuttering of the country’s lucrative tourism sector, thousands of individuals who were desperate to earn a decent income, ended up being forced to work in industrial-scale scam operations. The victims of these ‘fraud factories’ extended well beyond Cambodia. They targeted unsuspecting individuals around the world, using any tactics they could to deceive them out of their money.
Any global recession that further undermines the economies of developing nations will drive even more desperate people towards working for cyber-criminals, thereby increasing the risk that people and businesses in Australia will be targeted.
A recent survey found that one in 10 young people are willing to become money mules in exchange for cash.
Should Australia dip into a recession, and experience a rise in unemployment, many of those faced with financial difficulties could be tempted into acting as money mules as a way to make a quick buck.
A money mule is an indispensable cog in the cyber-crime wheel.
Many of the cyber-criminals targeting Australians are based overseas. If they are going to successfully defraud Accounts Payable (AP) staff, then they need a local bank account into which the proceeds of their crimes can be deposited, before the funds can be sent offshore, often through cryptocurrency.
That’s where the local money mule comes in. They offer the use of their Australian bank account in exchange for a fee. Sometimes, the money mule is recruited to the operation without even realising they are actually working for criminals.
At a time of economic hardship, cyber-criminals will be able to recruit more Australian money mules, enabling them to scale up their operations.
When many businesses are doing it tough due to a recession, there’s a strong temptation to look for ways to cut spending.
Many CFOs will be forced to trawl through every line item in the budget, looking for potential savings. Any non-essential expenditure that can be cut, or postponed, will be.
To some CFOs, cyber-security expenditure may seem to be an area where potential savings can be found. After all, most expenditure on cyber-security is aimed at preventing potential problems. That makes it hard to calculate its ROI.
However, during tight economic times, when cyber-crime rates are likely to rise, cutting cyber-security expenditure could end up being a very costly decision!
Investments in cyber-security are cumulative. Organisations build up their resilience to cyber threats incrementally over time. When an organisation starts cutting back on its cyber-security program, it can take many years to build back up to the level of cyber-maturity it had before the belt-tightening.
Any minor savings achieved by cutting cyber-security budgets could make your organisation easy prey for cyber-criminals right at the time when they are actively hunting for their next victim. You’d be cutting your defensive capabilities just as the cyber-criminals are upping their offensive capabilities. Any budgetary savings could be dwarfed by your cyber-crime losses.
As cyber-crime rates increase during a recession, and budgets for defensive capabilities become constrained, organisations must prioritise those investments that provide the greatest benefit for the least cost.
We know that Business Email Compromise (BEC) is the most prevalent cyber-crime variant in the world today. According to the FBI, BEC scams are the biggest money makers for cyber-criminals globally, earning them over $2.4 billion USD last year.
This makes it highly likely that in a recession, cyber-criminal syndicates will resort to more attempted BEC attacks than ever before.
With Eftsure sitting on top of your accounting processes, you can mitigate the risks of BEC by ensuring you only transfer funds to the intended recipient. You’ll receive real-time notifications to confirm that the bank account you are sending funds to is legitimately owned by the intended beneficiary.
Attempts by cyber-criminals to manipulate the BSB and Account Number in supplier invoices, so you inadvertently send them the money, will not succeed.
At a time of recession, when cyber-crime is up and budgets are tight, Eftsure protects you from the most common type of cyber-crime sweeping the world.
Speak to us today for a demonstration of Eftsure can protect you.
CFOs, beware: cybercriminals are exploiting DocuSign’s legitimate business tools to deliver fraudulent invoices directly through trusted channels. This scheme is particularly dangerous …
Because LinkedIn is used as a professional networking platform, account holders don’t use the same caution as they would on Facebook or …
Fraud is usually associated with deception, manipulation, and crime, but what many people don’t realize is that not all scams are illegal. …
Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.