Blog post written by Amirah Saad, Sr. Manager, Intelligence at Constella Intelligence
Although society is slowly emerging from national lockdowns, the US will continue to deal with staggering financial losses linked to COVID-19-related fraud scams.
As a result of the pandemic forcing most individuals to stay at home and work remotely, a surge in payments fraud escalated tremendously as millions of consumers shifted their spending and banking activity to online avenues. According to the FBI, the use of mobile banking has increased as much as 50% during the COVID lockdown period.
The abrupt shift in e-commerce and mobile banking activities paved the path for nefarious actors to exploit vulnerabilities in remote corporate infrastructures, merchant websites and financial institutions as they continue to address the increase in mobile banking transactions. According to Tom Kellerman, head of cybersecurity strategy at VMWare, Inc., “cyber-attacks increased 238% between February and April 2020”, during the peak of the COVID-19 quarantine timeframe. Per his testimony before the House Subcommittee on National Security, International Development and Monetary Policy, Kellerman shared the “transnational organized crime groups are leveraging specialist providers of cybercrime tools and services to conduct a wide range of crimes against financial institutions, including ransomware campaigns, distributed denial of service (DDoS) attacks, and access mining.”
Furthermore, this vast field of attack vectors includes but is not limited to the availability of mobile devices and digital systems” which facilitates the process for novice malicious actors to spearhead their own cyber operations. SMS messaging has been used to mislead victims to click on fake banking websites. Additionally, strategic phishing campaigns luring people to disclose personal identifying information (PII) has unfortunately proven to be successful. The main goal of these attacks is to capture banking credentials of unwitting victims and access their funds.
On the flip side, the pandemic has also caused a significant portion of the US population to lose a source of income. “Fraudsters tend to target states receiving high amounts in stimulus relief funding to include stimulus checks, unemployment benefits, as well as loans administered by the Small Business Administration”, says James Lee, chief operating officer of the Identity Theft Resource Center. As a result, unemployment fraud skyrocketed due to state benefits having a higher payout amount and being more widely available.
Unfortunately, many states have streamlined their identity verification process in an effort to facilitate benefit payouts — ultimately keeping the door wide open for fraud.
Cybercriminals know this and sadly, follow the money for nefarious purposes. To date, the Federal Trade Commission estimates over 105,000 COVID-19 related complaints have been filed since the beginning of 2020, costing Americans $68 million USD. Several states are reporting unprecedented levels of identity theft to claim unemployment benefits. For instance, the state of Maine reported approximately 17,000+ reports of unemployment identity fraud, canceling almost $13 million in benefits filed by 2,200 users. A far too similar story is happening in several states — delaying relief aid to be paid out to the rightful recipients.
Both scenarios have witnessed cybercriminals diligently scouring the dark web and acquiring fake personas, PII, as well as business tax ID data. The increase in identity theft is also due to the escalation of malicious actors obtaining this information via data breaches and in turn using it to fraudulently apply for unemployment benefits in someone else’s name or target people via the aforementioned cyber scams. Fraudsters are patient enough to make small gains if it involves minimal work on their behalf. Businesses and consumers alike need to be extra vigilant during these times and protect themselves.
Interested in our work? Please contact us at firstname.lastname@example.org. To learn more about Constella, subscribe to our newsletter below.