Fraud schemes amid COVID-19

COVID-19-related scams are running rampant. There are reports of a rise in charity fraud, fake job claims, fake COVID-19 tests on the black market, supply chain fraud, price gouging, cyber scams and more. In late 2020, two Texas men were charged with trying to sell $317 million in fake N95 face masks to a foreign government. The government made a payment to the men but the payment was intercepted before it went through, according to prosecutors.

In 2019, the U.S. Small Business Administration (SBA) in charge of the Paycheck Protection Program (PPP) loans, received under 800 calls on its fraud hotline. Through August of 2020, the fraud hotline had more than 42,000 calls. Though we have yet to know the real extent of fraud among government coronavirus relief packages such as PPP and Economic Injury Disaster Loans (EIDL), experts estimate it’s at least in the tens of millions. Multiple people have already been charged with PPP-related fraud claims.

A wave of attempted fraud is also hitting state unemployment benefits programs after states have struggled to process record-high claims. In October 2020, the Arizona Department of Economic Security said that it had prevented 43,000 people from receiving unemployment benefits in order to investigate potential fraud. According to the Wall Street Journal, officials believe U.S. state losses tied to unemployment insurance fraud will be in the billions of dollars.

There’s also the increased risk of insider threats for enterprises and government agencies, says Scot Walker, managing director with Mantle Advisors global investigations and intelligence firm, San Jose, Calif. As people are furloughed or their partner loses his or her job, people can become desperate. “There is, of course, the insider risk. If I give a loan to my buddy, he helps me out and gives me 25% as a thank you because my wife is out of work. In challenging times, it’s not only criminal organizations that are threatening; people have to put food on the table,” he says.

In December 2020, a former employee of the Massachusetts Department of Labor was arrested and accused of misusing her position to submit fraudulent Pandemic Unemployment Assistant (PUA) claims for herself and her husband.

A former contract employee with California’s Employment Development Department, which administers the state’s unemployment insurance program, was charged in federal court with fraud and identity theft in connection with a scheme to steal hundreds of thousands of dollars in pandemic unemployment aid. According to the complaint, the woman conspired with her boyfriend, a prisoner at California State Prison, to submit fraudulent pandemic unemployment insurance claims for California state prisoners and out-of-state residents whose identifying information was stolen.

Indeed, with more than $300 billion given out to more than five million businesses through the PPP and a second relief package approved in the U.S. at the time of publication, a significant portion of funds is thought to be going to fraudsters, says Jon Goldberg, senior vice president and deputy director of financial intelligence at a large financial firm. “It’s a guesstimate and no one will really know the extent of it for another two years most likely, but we’ve heard that 40% of SBA-controlled PPP loans were either fraudulent or had misrepresentation or falsified information on the application,” he says.

And yet, fraud schemes within government programs are just the tip of the iceberg when it comes to fraud schemes that have spawned or increased due to the COVID-19 pandemic. “We are seeing CARES Act benefits fraud, SBA PPP and EIDL fraud, unemployment fraud, illegitimate products, supply chain fraud, and enhanced cyber threats and work-from-home vulnerabilities,” says Karl Perman, president and co-founder of risk consultancy CIP CORE, and a member of Security’s Editorial Advisory Board. “The scope and magnitude of fraud related to COVID-19 is huge.”

Much of the fraud happening related to COVID-19 right now can be broken into first-party fraud that entails a person or group applying for fake loans or lying on an application to receive bigger payouts, etc., and third-party fraud which includes stolen identities to apply for loans or benefit financially, account takeovers, synthetic ID fraud, phishing schemes, ransomware and more.

Recently, the U.S. Attorney’s Office in Baltimore reported authorities had seized two domain names posing as biotechnology companies developing COVID-19 treatments. An investigation began by Homeland Security Investigations after corporate security for Moderna Inc. located one of the fake websites and contacted authorities, according to the indictment. The site showed the name and trademarked logos for the biotechnology company and redirected visitors on the Contact Us page to a form requesting name, company/institution, title, phone, e-mail, and comments/questions. It’s unclear if any identifying information was gained or used by the threat actors before the sites were taken down by authorities.

On the enterprise side, many organizations have seen an increase in fraud related to job scams. High-profile companies have had fraudsters impersonate them in fake interview calls or emails, asking for private information to conduct background checks or to pay upfront for technology costs with reimbursement down the line — potentially damaging the company’s reputation and defrauding innocent people of money or their identities.

In addition to reports of impersonation such as the above, another risk seeing a surge is synthetic ID fraud, where a fraudster combines real biographic information with fake information to create a synthetic or fake person. An example of synthetic ID fraud, would be a bad actor using a child’s social security number along with a fake name and address to create a banking account or apply for a credit card. This type of fraud is the fastest growing type of financial crime in the U.S. right now, according to McKinsey.

Financial institutions and eCommerce merchants are also experiencing an increase in account takeovers (ATOs). ATOs — where a legitimate loan was requested or account created but a fraudster gains access to the account and removes funds — have grown by 378% since the start of COVID-19, according to Sift, a payment fraud solutions company’s Q3 2020 Digital Trust and Safety Index report.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.