The situation we observe at ImmuniWeb is largely exacerbated by SMBs' insecure websites. Frequently, fraudsters swiftly take control of outdated WordPress or Drupal websites, and modify phone numbers and email addresses listed there. Then it becomes virtually impossible to recognize the fraud for would-be lenders. Worse, such security incidents maybe later assigned to the victimized business owners as a negligent failure to protect their business, making them liable for fraudulent transactions they indirectly facilitated. Less sophisticated gangs may use black SEO or even lawful DMCA takedown requests to make legitimate websites disappear from Google, and bring a similar domain name with copy-pasted content but altered phone numbers and phony emails. The proliferation of stolen data across the Dark Web bolsters mushrooming fraud, enabling cybercriminals to massively usurp identities in a riskless and effortless manner. They aptly forge critical documents, based on the information previously leaked online, and preclude even experienced fraud investigators from noticing any red flags in time. The economic slowdown caused by the pandemics will likely spur further growth of identity theft and a wide spectrum of financial fraud stemming from it.  Read Less