In the past few months, COVID-19 has put the entire world on the fast track towards a digital economy, with digital payments becoming essential services. In a recent press briefing, PayPal officials said that online transactions are up 20 percent year-over-year, with branded transactions increasing by over 43 percent, or more than double the pre-COVID levels in January and February.
The flip side to the increase of digital transactions is the rise of digital fraud. “In this time of critical need, clearly it’s not just the good people that are interacting with our system. There’s also a lot of bad actors in the system, who want to defraud people. And that’s where our responsibility becomes more critical,” said Guru Bhat, VP for omni channel and customer success at PayPal.
According to a Google transparency report dated March 2020, there was a 350 percent increase in the number of phishing sites from January to March. It was also reported that the number of fake COVID websites globally increased from 1,600-39,000 in the first 16 weeks of pandemic. Additionally, there was a 33 percent increase in ransomware payments made by businesses all over the world during Q1.
“There’s an obligation for us to figure out, first of all, how we can create products and services that can help our customers. But at the same time, it’s important for customers to get educated as well,” said Bhat, as he outlined six emerging cyber threats:
1. Smishing. Any kind of phishing that involves a text message. Often times, this form of phishing involves a text message in an SMS or a phone number
2. Synthetic identities. Synthetic identities are a form of identity fraud in which scammers use a mix of real and fabricated credentials to create the illusion of a real person.
3. Attacking AI while it is learning. Artificial Intelligence evolves. It’s most vulnerable to cyberattacks, though, when it’s learning a new model or system.
4. 5G cyber challenges. The higher bandwidth of 5G will allow hackers to launch wider and more powerful attacks that can cause more damage.
5. Vehicle cyberattacks. Cybercriminals accessing vehicles to steal personal data, track the location or driving history of these vehicles, or even disable or take over safety functions.
6. Cloud jacking. a form of cyberattack in which hackers infiltrate the programs and systems of businesses, stored in the cloud, and use these resources to mine for cryptocurrency.
Given the rise in bad actors in the system, PayPal manages to stay secure because of its continued commitment and investment in security to protect its entire ecosystem–from consumers, merchants, to employees.
“The question of cyberattacks is not an ‘if’ question, it’s a ‘when’ question. No matter what you do, as long as you use software, as long as you have a presence on the internet, sooner or later, you are going to be attacked,” said Phoram Mehta, chief infosec officer for PayPal’s Asia Pacific region.
Now that the internet is now a primary mode of human interaction, for business or otherwise, organizations are turning their eye towards cybersecurity. PayPal noted that cybersecurity continues to be among the leading concerns for businesses in the region. A separate report from Allianz confirmed that both Philippine and Japanese companies list cyber incidents as third in their list of top 10 business risks.
According to Mehta, Asia-Pacific companies are expected to invest more in security-related hardware, software, and services. Small and medium businesses in the region however will be prone to higher risks due to lack of budgets and expertise.
PayPal cautions that while there is pivotal growth in digital in APAC, challenges remain. In the Philippines, the internet economy continues to grow, but consumer distrust is still high, evidenced by the reliance on cash.
For PayPal, security is the precursor to building trust. “We make a ton of investment in technology because we are not really just a payments company. We are a trust company,” said Bhat. “Money is such a critical aspect of people’s lives. People count on us to help manage their most valuable asset. And in doing so, we make investments in security.”