Here is a short story. You fall in love with someone you meet on social media. You are excited, but also wary. You chat on WhatsApp, post updates on Facebook, exchange sweet nothings on Skype and even plan to meet each other in person. Then, suddenly, your online friend has an accident, or is nabbed by the cops, or has an acute family emergency, or an unexpected mishap. And your “friend” asks you for an urgent loan. The request seems sincere, the mishap seems unfortunate and the episode tests your faith in your new love.
What would you do?
If you answered yes, you were willing to help your new friend by sending money — not a big sum at this point — you are not alone. You, like many Malaysians who thought likewise, felt a pang of pity or guilt and transferred money online or offline. Your friend, in anguish, thanks you profusely before asking for more money.
Malaysians are arguably one of the most gullible people in the world when it comes to online scams. That is the conclusion of a recent survey by Norway-headquartered telecommunications company Telenor Group. An astonishingly high 63% of surveyed Malaysians said they lost money to an internet scam in 2016 or 2017.
Telenor polled 400 internet users aged 18 to 65 in Malaysia, Singapore, Thailand and India. “With 71% of respondents admitting to being an internet addict, the results showed that internet scams are a big concern to Asian consumers today. The study revealed that the average financial loss of scammed survey participants was US$9,900 per person. This comes despite nearly 94% of those surveyed stating that the internet has improved their lives and a further 80% believing that it has helped strengthen personal relationships,” says the report.
The added fear? With the surge in smartphone use, consumers in Asia consider themselves 300% more likely to fall victim to a scam on their smartphone than in person. The average loss per person due to an internet scam was US$7,000 in Malaysia compared with US$11,130 in India and US$11,300 in Thailand.
“About 20% of Malaysians admitted to having fallen for an online dating scam while another 20% have lost money in an online auction scam,” says the report.
That is just the tip of the iceberg. In September last year, Malaysian and Singaporean police joined forces to bust a cross-border internet love scam syndicate in which 25 Malaysians and seven Singaporeans lost a total of US$245,000 (RM1 million) to scammers, allegedly from Africa. Malaysia’s Commercial Crime Investigation Department arrested 11 suspects, including 10 Africans, in Kuala Lumpur.
Posing as successful or attractive individuals, the scammers would cultivate relationships with victims online before asking the victims to give them money to pay fines and fees. They claimed that they needed the money as they were detained by government authorities, the cops said.
In November last year, investigators in Hong Kong worked with the Malaysian police to bust a Kuala Lumpur-based syndicate that had allegedly duped 48 Hong Kong women and an elderly man out of HK$29.5 million (RM16 million) in online romance scams.
“One victim lost HK$6 million to a con artist pretending to be a British engineer. The alleged ringleader of the transnational racket was among two Nigerian men, a Nigerian woman and an Indian woman picked up during a raid on their operational centre in Kuala Lumpur,” the South China Morning Post reported.
Is e-commerce, or eCom, turning out to be an eCon game? It seems so. One barometer: The incidence of credit/debit card fraud has rocketed in the past few years, partly as a result of the rise of e-commerce and mobile payments.
“Worldwide losses climbed to almost US$23 billion in 2016 and could be close to US$44 billion by 2025. A recent report found that 82% of companies surveyed had been victims of fraud in 2016 — an increase of 21 percentage points in four years,” says McKinsey in a report.
“In addition to the direct cost of fraud, companies also lose sales when good transactions are denied by fraud management systems. Another report found that up to 25% of declined sales transactions for e-commerce merchants were false positives.”
The biggest market in the world — the US — is also the biggest hunting ground for eCon. “The US leads the world in losses from card fraud. In 2016, the US had a 40% share of global losses, worth US$9 billion,” says the McKinsey report.
“Between 2013 and 2016, the cost of card fraud as a percentage of revenue for US merchants rose 42% while the number of fraudulent transactions rose 34%. A disproportionate share of this burden falls on larger e-commerce and m-commerce merchants, with fraud costs as a percentage of annual revenues running 15% and 30% higher respectively than those of physical retailers.”
A rising concern in the online retail world is what is called “friendly chargeback fraud”. How does that work? All shoppers have to do is contact their bank to dispute a purchase and claim whatever falsehood best serves their purpose.
“For example, the consumer may claim merchandise was not delivered, but it actually arrived right on time. Or they can say a transaction was not authorised when, really, it was,” Forbes reported in September.
Technology may have turned some consumers into criminals, which is why it is called friendly chargeback fraud. The total estimated cost of chargebacks reached US$31 billion last year. That amount was not distributed evenly across the market, though, as nearly 66% of the burden fell on e-commerce retailers.
“Even then, US$31 billion a year is a conservative estimate of the real economic impact of chargebacks. Some sources say it could be as much as US$80 billion or more — and the damage is spreading,” Newsmax Finance noted in an article published last month.
When “return fraud” is factored in, the amount is staggering. “We could factor in return fraud, which results from accepting invalid returns as an alternative to a chargeback. Then, there are the false positives resulting from overly strict fraud rules meant to avert criminal attacks. All of these could add up to as much as US$150 billion every year,” Monica Eaton-Cardone wrote in Newsmax Finance.
What can Malaysia do to ensure that legitimate eCom flourishes while the criminal eCon fraudsters do not benefit? It must build a resilient, inclusive and efficient e-commerce infrastructure and system as a strategic platform for socio-economic development, Malaysia’s Communications and Multimedia Minister Gobind Singh Deo said last month. He also advocated that security measures be implemented to deter malpractice.
Given the ubiquitous nature of e-commerce, it is impossible for humans to monitor every online transaction or interaction to rule out potential fraud. High-tech is the only option to fight crime that also uses high-tech. Many companies invest heavily in fraud detection capabilities without giving sufficient consideration to how accurate and specific these alerts are in practice.
“The return on security investment should be the ability to separate noise (false alarms) from signals (real threats). One company is now pooling its security data into a data lake and exploring all potential correlations among the incidents and events that trigger alerts,” McKinsey notes in its report.
“The result is a material improvement in the signal-to-noise ratio and faster response times by company security analysts. This approach to reducing false positives and redirecting resources to real threats can be enhanced by adding external data sources such as threat feeds or dark web scanning.”
Especially vulnerable are small and medium enterprises (SMEs) that do not have the money or muscle to handle eCon threats. The solution: Partner high-tech companies that do.
SMEs are the key to a country’s progress. In 2016, the Ministry of International Trade and Industry announced an initiative to bring 80% of SMEs into the eCom space that could potentially serve 87 million digital customers across Asean.
Malaysia has more than 15 million online shoppers (50% of the population) and 62% use their mobile devices to shop online. The country has about 25 million active internet users (79% of the population). Of these, 24 million are social media users, 21.6 million are unique mobile users and 22 million use social media on their mobile devices, according to statistics provided by the Malaysian Communications and Multimedia Commission. The key question is, does the law protect the online consumer?
The country’s e-commerce laws are based on a combination of the Electronic Commerce Act 2006 and the Electronic Government Activities Act 2007. Malaysia was the first country in Asean to pass a Personal Data Protection Act in 2010 to guarantee online privacy. Why do laws matter? Because of the increasing push towards DX, or digital transformation, of which eCom and mCom are components.
Have Malaysian companies started their DX journey? Last year, about 7% of Malaysia’s gross domestic product was derived from digital products and services created directly from the use of digital technologies such as mobility, cloud computing, the Internet of Things (IoT) and artificial intelligence (AI). By 2021, DX will add an estimated US$10 billion to Malaysia’s GDP and increase the growth rate by 0.6% on an annual basis. That prognosis comes from a joint study by Microsoft and IDC Asia-Pacific.
Last month, IDC announced its second DXa (DX Awards), at which CIMB Bank was declared the 2018 Digital Transformer of the Year. Other winners were Boost by Axiata Digital eCode, KPJ Healthcare, Hong Leong Bank Bhd, Companies Commission of Malaysia, AirAsia Bhd and Astro Malaysia Holdings Bhd.
“We have seen interesting projects on cognitive computing/AI, big data and analytics, IoT, robotics and robotic process automation being utilised across vertical industries, among others. This signifies that DX has achieved a macroeconomic scale. The local winners have shown that Malaysian enterprises are well positioned to take full advantage of digital transformation,” says IDC Asean managing director Sudev Bangah.