How to avoid falling victim to payment scams

If this unprecedented global pandemic has taught us one lesson on personal responsibility, it is that being aware and cautious can save lives. During day-to-day activities, people are taking all preventive measures to stay safe — quarantines, social distancing and self-isolation. There is one more thing that has become absolutely critical to watch out for: our financial security. While the world is doing everything to decrease the impact of COVID-19 outbreak, cybercriminals are doing everything to raise their game. They have embraced this unfortunate situation as the perfect opportunity to leverage people’s stress, fear and emotional turmoil, capitalize on vulnerabilities, and compromise personal information of consumers and steal money.

Fraud likely goes all the way back to the start of civilization, but it’s never been as sophisticated and technology-driven as it is today. Gone are the days where a royal stranger from a distant land would send you an email benevolently offering a substantial share of their inheritance in return for some advance funds from you. Today, fraudsters do their homework to learn as much as they can about you. However, while social engineering fraud can take different forms such as phone calls, texts, emails, web-site scams, or social media, the target is always sensitive information.

Significant amounts of personal information can be gathered online from social media platforms, compromised accounts due to weak passwords, and breached data sold on the dark web. Fraudsters are building up a wealth of personal information on people’s day-to-day lifestyle, such as the stores they frequent, the bank or credit union they belong to, or the subscription services they’ve signed up for.

During these times, cybercriminals are hoping for people to be distracted, so that they can pull off a scam by tricking them into handing over financial information such as account numbers, PAN, card expiry dates, CVV2 and personal data. They do this using phone calls, SMS or emails, claiming to be from a bank, wireless carrier or a favourite retailer. Institutions including government agencies do not seek out personal or financial information of people using these channels. Findings from our consumer survey conducted in conjunction with our Stay Secure campaign, show that more than a third of consumers in the UAE, KSA and Kuwait have been a victim of online fraud and have certain security concerns related to digital payments.

Security is a collective effort

Visa works tirelessly to build a foundation for meeting consumers’ payment needs around security, reliability, convenience, and trust. Our success is attributed to intelligent technology we deploy and resources we create to educate consumers.

Visa’s Risk team operates round the clock vigilance to detect, prevent, and respond to threats in real-time. We have kept global fraud rates at historic lows — less than 0.1 per cent — through investing in human intelligence and technology like A.I.; empowering consumers and clients with tools, resources and control to manage risk; and setting governance processes to help businesses and regulators stay nimble.

We launched our annual Stay Secure campaign in the UAE, KSA and Kuwait in partnership with the Dubai Police, the Dubai Economy, Saudi Payments Company – mada, and Kuwait Banking Association, to understand consumer views, preferences and security concerns related to digital payments, while offering tips to consumers on how they can protect themselves against potential payment fraud.

The single most important advice to remember is: don’t reveal financial and personal information in unsolicited communication and consider all such requests to be suspicious. If you think it was really your bank, your payment card issuer, or someone from the government trying to contact you, you can always call them back by dialling the relevant organisation’s official number. This is what we always stress to consumers - that they are the first line of defence in the joint fight against cybercrime. If you’ve received a phishing message and it uses Visa’s name, we’d like to see it. Report it to phishing@visa.com. By participating in our anti-phishing security efforts, you can help prevent other consumers from becoming victims.

By drawing on the lessons from past years, we can address future challenges and capitalize on the opportunities stemming from our increasingly digitized society and educated consumers.

Stay secure, stay safe.

The author is Visa’s Head of Risk for Middle East and North Africa.