“While this crisis has brought out the best in most Americans, there appear to be a few unfortunate exceptions. We will not tolerate bad actors who treat the crisis as an opportunity to get rich quick.”
– U.S. Attorney General William Barr, Office of the Attorney General Memorandum
As the effects of the COVID-19 pandemic continue to unfold, financial institutions have responded to the unprecedented situation with resilience, prioritizing the well-being of their employees and customers, while continuing to provide financial services during the crisis. However, the pandemic has also emboldened fraudsters to commit opportunistic crimes while processes and resources at financial institutions are strained. FinCEN has recently warned of fraudulent activities capitalizing on the COVID-19 crisis in a statement that has been echoed by multiple industry agencies. At Verafin, we are actively monitoring for emerging fraud trends in the Verafin Cloud and working directly with our financial institution customers to identify new schemes and variations in fraud typologies related to the COVID-19 crisis.
To mitigate losses, employees and customers must understand how criminals are exploiting the COVID-19 crisis for fraud. We have compiled examples to help frontline and back office staff gain a deeper understanding of these current scams and protect your customers from loss.
Fraud Scams Capitalizing on the COVID-19 Crisis
Many of the identified fraudulent schemes are based on known fraud tactics, but prey on consumers’ fear surrounding COVID-19 to facilitate the crimes.
- Provider scams: The Nevada U.S. Attorney’s Office has reported criminals posing as healthcare providers, demanding payment for treating a loved one they claim contracted COVID-19. Accordingly, financial institutions should monitor customer accounts for uncharacteristic transfers, such as unusual wire payments.
- Business Email Compromise (BEC): Around the world, COVID-19 has disrupted the normal cadence of day-to-day work. With expedited purchases and other uncharacteristic transactions now more common, the current crisis is ideal for BEC attacks, according to the Federal Trade Commission (FTC). Bad actors can make urgent requests with less suspicion, while remote work arrangements can prevent employees from confirming these requests. Financial institutions should monitor business account transfers with additional scrutiny and aim for real-time review of potentially suspicious transfers.
- Information technology scams: With more and more Americans working from home, fraudsters are using this change in routine to their advantage. The FTC has described criminals researching target companies, using social engineering and impersonating information technology staff to request passwords and deceive employees into downloading malicious software. Criminals may use this information to gain access to customers’ online accounts and perform unauthorized transfers.
- Phishing scams: In a recent public service announcement, the FBI warns of scam artists sending phishing emails framed as messages from the government requesting personal information for economic stimulus checks. They have also observed similar incidents involving fraudulent charities, vaccines, and airfare refunds. Research from Barracuda Networks indicates that “the volume of [phishing] attacks spiked 667% from February to [March with] more than 9,000 incidents.” By gathering personally identifiable information (PII) through phishing, criminals can gain unauthorized access to a victim’s online account to access funds or create synthetic identities to commit further fraud.
Fraudsters are constantly innovating to maximize their gain from the COVID-19 crisis; authorities have identified other schemes that include variations of known fraud tactics that may target vulnerable consumers, including testing scams, supply scams, charity scams and investment scams. Institutions should educate their employees about these and other emerging fraud typologies to protect customers from loss.
Educating Customers
Well educated customers can be a valuable frontline defense against fraud. Numerous agencies are producing consumer awareness resources and information that you can share with customers for their comfort and protection, including the FTC, the Internet Crime Complaint Center (IC3), the U.S. Department of Justice, and the FBI.
Civilians should avoid suspicious links, ignore sales pitches for vaccines, and take extra steps to verify the legitimacy of charities and other entities, being wary of requests for wire, mail, gift card or cash payments. U.S. Attorney’s Office, Western District of Pennsylvania
Customers who believe they have fallen victim to a scam pertaining to COVID-19 may contact the National Center for Disaster Fraud hotline or file a complaint with the FBI or IC3.
The Verafin Resource Center contains a wealth of complimentary information, including educational webinars on common fraud scenarios and our Understanding Fraud Schemes & Scams eBook, to help your personnel reduce the risk of your customers falling victim to third-party schemes.
Verafin: Here to Help
Education and continued diligence are key to combating fraud schemes as bad actors increasingly exploit the COVID-19 pandemic. By empowering your fraud prevention team and ensuring your financial crime management solutions are responsive to your needs during this crisis, your institution will be better able to detect and prevent financial crime.
“An unprecedented public health crisis creates an unprecedented opportunity for scammers and con artists. Now more than ever, we need to work together to protect our community from fraud.”
– U.S. Attorney General Gurbir Grewal, COVID-19 Fraud Task Force Announcement
If your institution is experiencing an increase in fraud scams, Verafin is here to help protect you and your customers with complimentary educational resources and solutions to mitigate losses.