Initiated by the Small Business Administration (SBA) as a part of the $2.2 trillion CARES act passed last March, the Paycheck Protection Program (PPP) was supposed to become a lifesaver able to help small businesses stay afloat amidst the pandemic and keep their employees on the payroll despite not having any revenues for months. However, the $670 billion worth program of small business relief became a field for dirty manipulations and scams.
While the Trump administration stated that about $5.2 million small businesses received help under PPP, the SBA investigation showed, that more than a half of funds went to larger and more financially stable companies, with 1 percent of applicants (well-connected public personas and establishment) receiving easy access to more than 25 percent of all loans issued, while millions of small business owners saw their applications put on hold or refused. This became possible due to the lack of transparency and the ill-designed loan approval mechanism proposed by the Trump administration.
But even those who received the money did not always spend it on legitimate purposes. Instead of allocating the funds to help their employees survive the pandemic, many borrowers bought luxury cars, yachts, lived in exclusive hotel suites, gambled, or invested in cryptocurrency. As it turns out, many applicants did not even have any business at all! As of January 2021, the lump sum of fraudulent PPP claims is yet to be uncovered, but the details known so far are staggering: up to $341 million of taxpayer’s money were stolen by fraudsters!
One of the most common ways of fraudulently obtaining PPP loans was identity theft. Swindlers created fake loan application websites and promoted them online and offline. People submitted their IDs and fraudsters used them to apply for loans. Luckily, the PPP fraud is relatively fresh and many mistakes were made, which allowed the Department of Justice and the U.S. Attorneys office to quickly detect and unravel most of the schemes. Allegedly, most of the ill-loaned funds are recovered, though millions are already gone.
Naturally, should the officials have thought of using an elaborate identity theft prevention mechanism as the one Covery offers, such a result could have been prevented.
On a side note, not only the US PPP program was the target of such fraud. One of the German local governments in North Rhein Westfalia launched a program to support local businesses during the Covid-19 lockdown. An ill-designed application procedure without any validity check resulted in issuing thousands of illicit loans to crooks, who used phishing to fool the officials. According to a ZD Net report, hundreds of millions of Euros were potentially lost.
Wirecard was considered one of the most successful European financial technology firms at one point. It was evaluated at $27 billion, listed among the top 30 German companies and had nearly 6,000 employees spread across 26 countries. However, when the company failed to produce its 2019 report after a series of accusations and investigations of its activity (by KMPG and Dan Crum of The Financial Times, who was digging since 2015), the shocking truth was revealed.
As much as $2 billion in cash were stolen by the CEO and other Wirecard top managers, who have since then been arrested under charges of market manipulation and accounting fraud. However, the results of other independent investigations state that this money never even existed! As of today, the Wirecard stock price plummeted from $233 to $.5, the company filed for bankruptcy to avoid paying out $4 billion to investors, and the European Parliament issued an order to reform the EU financial market to prevent such debacles in the future.
Would you like to tweet a scam as Elon or Kim?
On July 15th, 2020, several prominent Twitter accounts (including Barack Obama, Elon Musk, and Kim Kardashian) started tweeting a Bitcoin scam, while their owners were not able to log in. Surprised followers reported strange behavior and Twitter had to shut down all tweeting from all verified accounts to nip the disaster in the bud.
As it turned out, a group of bored teenagers from Florida used the oldest trick in the book — the social engineering scam to fool one of the Twitter support reps over the phone into revealing the details and the credentials needed to reset the passwords for these accounts. The youth has since been arrested and await trial, the Twitter employee is now most likely unemployed and all corporate America had to revise their customer verification procedures.
Not so Wells Fargo
You surely heard of the 2016 and had to pay $185 million in fees and fines. The CEO, John Stumpf, retired with a $133 million golden parachute but was held under investigation. However, in the several next years, a series of internal and external audits revealed that the total number of fake accounts created surpassed 3.5 million.
Stumpf and 5 his accomplices paid $55 million fines in total and the bank itself had to pay $3 billion to settle the demands of the criminal and civil federal lawsuits. In addition, the audit uncovered more than 800,000 car insurance policies their owners were never even aware of, so the bank had to pay yet another $1.4 billion to settle this case.
UnLuckin Coffee froth
What was founded in October 2017 as an attempt to overthrow Starbucks as the biggest coffee store network — first in China, then globally — almost crushed on itself in 2020. Due to starting big and aggressively growing their network of coffee kiosks (4,500 vs 4,300 Starbucks places in Chinese cities), Luckin Coffee operated with expenses nearly tripling its income for the first couple of years.
However, their growth dynamic convinced investors that the startup can become a unicorn, and at the moment of IPO, with an evaluation of $12 billion, Luckin Coffee stock went from $17 to $50 a share, dominating the NASDAQ and raising $561 million in investment.
Fast forward to January 31, 2020, when a report from Muddy Waters, a prominent US-based short-seller, confirmed the results of an internal audit and showed that more than $310 million of reported 2019 profits never existed. Of course, it is hard to have a profit when you provide free drinks on any occasion and discounts that make your mugs 30 percent cheaper than the competition.
As a result, the Luckin CEO was fired, the stock plummeted by 83 percent and the company had to pay $180 million in fines to settle the deal. The new chairman, Guo, promised strict compliance and financial transparency from now on. Nevertheless, Chinese consumers decided to support Luckin after coming clean, and the app downloads skyrocketed, so maybe this startup will still be able to reach its dream.
According to Carson Brock, the founder of Muddy Waters, illicit conduct and accounting machinations are the usual modus operandi of Chinese companies, as the Chinese stock market crisis of 2015 illustrated. He says that “every single one of Chinese companies is committing some kind of fraud to a certain extent”, but it’s quite hard to catch them red-handed.
Unhonorable conduct at dating sites
With the world on lockdown, people went to dating sites for communication and flirting. The numbers of various dating app users soared and multiple crooks could not leave such an influx of new users unattended.
One of the most notorious examples of such romance scams involves offering a potential partner a joint investment or participation in some money-making scheme. As a part of telling about their occupation, the swindlers explain they have a passive income from a working investment initiative and offer their Tinder (or any other dating app) partner to try it out, promising help and mentorship. Once the victim transfers the funds, the contact breaks the pair, leaving the frustrated partner without money.
Interpol is closely monitoring such cases and warns people not to fall victim to this fraud scheme. However, far too often new fraud cases are not reported for too long after the fact, which makes investigation all but impossible. Thus, being forewarned means being forearmed! If you ever find yourself at the dating site, don’t transfer any money on any causes before a meeting in person — and even then think thrice.
Covid-19 pandemic changed our lives and introduced multiple new frauds and schemes. Luckily, the anti-fraud solutions are also not in lethargy and provide an adequate response to various scams.
All the stories above teach us that risks should be evaluated well before launching a new business process or product. This way, by the moment the project comes to a release — be it a chat assistant on a site or a financial compensation program from the government — all the potential security gaps are closed. At the very least, these should be discovered and associated risks should be minimized, by the principle of 4 eyes.
Be several steps ahead of fraudsters. Think like them, be creative like them. The risk management tools you use should meet the demands of a particular task while being flexible enough to quickly adapt to new challenges. Monitor new tools and test new solutions — the fraudsters will do it, so you should be prepared.
Frauds are omnipresent, but the majority of them can be identified and prevented in time. Otherwise, the crooks are usually caught when they try to benefit from their ill-gained fortunes — through online casino deposits and withdrawals, buying expensive goods online, etc.
Stay on guard, as the fraud keeps evolving!
- Check out our rundown of the best business antivirus solutions
Aleksandr Khelemskiy, product owner, Covery