Illicit actors are engaged in fraudulent schemes that exploit vulnerabilities created by the Coronavirus pandemic.
Consumer frauds include imposter scams and money mule schemes where fraudulent actors deceive victims by impersonating federal government agencies, international organizations or charities.
In imposter scams, criminals impersonate organizations such as government agencies, non-profit groups, universities or charities to offer fraudulent services or otherwise defraud victims.
While imposter scams can take multiple forms, the basic methodology involves an illicit actor contacting a target under the false pretense of representing an official organization and coercing or convincing the target to provide funds or valuable information, engage in behavior that causes the target’s computer to be infected with malware or spread disinformation.
In the case of schemes connected to COVID-19, imposters may pose as officials or representatives from the Internal Revenue Service (IRS), the Centers for Disease Control and Prevention (CDC), the World Health Organization (WHO), other healthcare or non-profit groups, and academic institutions.
Illicit actors can use imposter scams to defraud and deceive the vulnerable, including the elderly and unemployed, through the solicitation of payments (such as digital payments and virtual currency), donations or personal information via email, robocalls or text messages. The Federal Communications Commission (FCC) and the Federal Trade Commission (FTC) have sent warning letters to multiple Voice over Internet Protocol (VoIP) service providers for allegedly routing illegal pandemic-related scam telemarketing, robocalls or other communication methods.
For example, an imposter may contact potential victims by phone, email or text to imply that the victim must verify personal information or send payments to scammers in return for COVID-19-related stimulus payments or benefits.
Another instance includes imposters contacting victims and posing as government or health care representatives engaged in COVID-19 contact tracing activities, implying that a victim must share personal or financial information as part of contact tracing efforts.
Multiple examples include phishing schemes, where imposters send communications appearing to come from legitimate sources, to collect victims’ personal and financial data and potentially infect their devices by convincing the target to download a malicious attachment or click malicious links.
Scammers may also impersonate legitimate charities or create sham charities, taking advantage of the generosity of the public and embezzling donations intended for COVID-19 response efforts.
Criminals often use social media accounts, door-to-door collections, flyers, mailings, telephone and robocalls, text messages, websites and emails mimicking legitimate charities and non-profits to defraud the public. These operations may include words like “relief,” “fund,” “donation” and “foundation” in their titles to give the illusion that they are a legitimate organization.
Money Mule Schemes
A money mule is a person who transfers illegally acquired money on behalf of or at the direction of another.
Money mule schemes, including those related to the COVID-19 pandemic, span the spectrum of using unwitting, witting or complicit money mules.
An unwitting or unknowing money mule is an individual who is unaware that he or she is part of a larger criminal scheme. The individual is motivated by his/her trust in the actual romance, job position or proposition.
A witting money mule is an individual who chooses to ignore obvious red flags or acts willfully blind to his/ her money movement activity. The individual is motivated by financial gain or an unwillingness to acknowledge his/her role.
A complicit money mule is an individual who is aware of his/her role as a money mule and is complicit in the larger criminal scheme. The individual is motivated by financial gain or loyalty to a criminal group.
During the COVID-19 pandemic, U.S. authorities have detected recruiters using money mule schemes, such as good-Samaritan, romance and work-from-home schemes.
In work-from-home schemes, for example, COVID-19 money mule recruiters, under a false charity or company label, may approach targets with a seemingly legitimate offer of employment under the pretense of work-from-home jobs, often through internet or social media advertisements, emails or text messages. Once the target accepts the “employment,” he or she receives instructions to move funds through accounts or to set up a new account in the target’s name for the “business.” The target (i.e., the money mule) earns money by taking a percentage of the funds that he or she helps to transfer per the instructions of the “employer.”
U.S. authorities also have identified criminals using money mules to exploit unemployment insurance programs during the COVID-19 pandemic.
Stay in the Know
Detecting, preventing and reporting consumer fraud and other illicit activity related to COVID-19 is critical for national security, safeguarding legitimate relief efforts and protecting innocent consumers from harm.
Overall, the message from the Federal Bureau of Investigation (FBI) and the FTC during this time is to be extra vigilant and cyber-smart. Hackers know how vulnerable the world is to Coronavirus fears, and everything involved with the pandemic can be exploited.
The FBI’s ic3.gov has helpful information, including where to report scammers so others can avoid them. They welcome all concerned to visit the site frequently as it is continually being updated with legitimate Coronavirus-related information and resources.