COVID-19 Fraud Schemes

When a crisis arises, the volume and speed of activity increases causing many people to act with less care and caution. This rapid action mode opens a window of opportunity for scammers and fraudsters. In the midst of the COVID-19 pandemic that window has opened again. Below are some of the schemes that your business or your customers may experience. The format is designed to be used as quick internal training reminders or to send out as a customer alert from your expert staff or relevant committee members.

Fraud Schemes Targeting Your Customers:

 Business Email Compromise: Pay special attention to email communication, including wire requests, from customers to make sure it is not a Business Email Compromise (BEC).

What it looks like: Fraudsters, through spoofed or compromised email accounts, claim to be executives or high-level employees of your customer, fraudulently requesting to transfer funds for a number of reasons, such as the individual is currently:

• Out of the office sick and unable to log-in to the institutions’ online system or secure portal to initiate a transfer. Requests come from an unsecured portal or email.
• Quarantined because of travel and cannot come into the institution to sign documents or a transfer request form.
• Seeking to quickly transfer funds abroad to foreign suppliers for the purchase of on-demand medical supplies to be used to prevent/protect against the Coronavirus, e.g. medical masks, gloves, disinfectant, etc.
• Leveraging social engineering tactics through legitimate social media websites seeking to send donations for charitable causes related to the virus.

Stealing Personal Identifiable Information (PII): Exercise caution in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19.

What it looks like: Fraudsters, through spoofed emails seek to obtain Personal Identifiable Information from the recipient with messages such as:

• Emails claiming to be from the Centers for Disease Control and Prevention (CDC) or other experts saying they have information about the virus and asking for PII to see the content. For the most up-to-date information about the Coronavirus, visit the CDC and the World Health Organization (WHO).
• Scammers are sending links to a bogus WHO website that ask users for their email password in order to see "safety measures" about COVID-19.
• Scammers are sending emails that appear to originate from Federal, State and Local authorities, local school systems, health care providers, etc. These phishing emails use scary subject lines and content about supposed local infected people or keeping you and your family safe from the virus. The email might prompt you to open an attachment or click on a link which may contain malware or ask for PII; or may ask for donations to fraudulent charities to help stop the spread of Coronavirus.

Fraud Schemes Targeting Your Company:

 Business Email Compromise: Pay special attention to email communication, appearing to come from a senior executive, legal, HR, risk or accounts payable.

What it looks like: Emails related to pandemic planning and safety measures, requesting:

• Personally Identifiable Information (PII)
• Tax information of employees and executives

Business Email Compromise: Pay special attention to email communication coming from what appears to be vendors of the Company or local businesses.

What it looks like: Emails that advertise products or services to safeguard the business against the Coronavirus. Specifically emails that prompt you to:

• Open an attachment
• Click on a link
• Ask you for information related to the Company or employees.

While a majority of the vendor related emails are legitimate, it is prudent to exercise caution. Stay safe and vigilant.