Fraudsters Exploiting the Pandemic: Evolving Fraud and Money Laundering Patterns

The global struggle against the coronavirus pandemic is a bust for the economy but it is leading to a boom period for fraud.

The movement of a large segment of the population to remote work, the approval of massive stimulus packages, and the general unpredictability of events on a day to day basis are leading to an explosion in scams and other fraudulent activity. The increased volume of known fraud typologies is a challenge in and of itself, but we need to be prepared to detect new approaches that are specifically tailored to exploit the situation, requiring flexibility that many AML and anti-fraud teams are not geared for.

Our monitoring of trends across the space highlighted a number of categories to look out for. They fall broadly into three categories: consumer scams, business scams, and money laundering.

Consumer:

• Treatment scams: Examples include fake cures, testing kits (even fake drive through testing), and purported vaccines. Purveyors of these scams are setting up fake social media accounts and web sites and are requesting payments through P2P payment platforms.
• Supply scams: Online stores and social media accounts selling high demand products like face masks, hand sanitizer, and other medical gear. These scams also typically involve a demand for payment through P2P platforms.
• Provider scams: Fake medical providers or insurance companies demanding payment for services provided to consumers or relatives. This technique is used to either convince the target to divulge sensitive personal information or to initiate a fraudulent payment.
• Travel-related scams: Fraudsters posing as airlines, hotels, cruise lines, etc. reaching out to discuss refunds. They hope to convince the target to provide financial account information in order to “return” funds that they may have spent.
• Charity scams: Fraudsters soliciting donations for relief organizations.
• Student loan scams: Fraudsters are reaching out to students to “advise them” on changes in payment terms associated with the pandemic.
• FDIC scams: The FDIC has reported an increase in communications from people pretending to work at the FDIC. The scams claim that banks are limiting access to deposits or that there are security issues with existing deposits to try to gather account information.
• Stimulus related scams: Following the passage of the stimulus bill, fraudsters have begun to pose as financial institutions and government staff reaching out to “verify” the target’s information to ensure that they are able to receive stimulus transfers.

Business

• Spear-phishing: Spear-phishing is not a new phenomenon but fraudsters are taking advantage of the confusion caused by the mass shift to working from home and the upheaval in many business models to trick people into making decisions that they would otherwise take the time to consider and verify. Anecdotes of emails purportedly from senior executives at the target’s company demanding that they urgently move money have been on the rise. Some examples even involve convincing employees that they need to buy Amazon or eBay gift cards and send them out for “urgent supplies”.

Money Laundering

• Increased Money Mule activity: Criminals regularly prey on the unemployed or unsophisticated to get them to act (knowingly and unknowingly) as money mules in exchange for compensation. As Comply Advantage pointed out, there has been an uptick in advertisements for money mule activities under the guise of legitimate-seeming work. With more than six million new unemployment claims in the United States alone, many people are looking for ways to supplement their income and may decide to act on an ad that they see.

Some common themes

• Panicked money movements are creating a lot of noise that makes it easier for fraudsters to hide their activity amongst the noise.
• Reduced face time between financial institutions and their customers and between individuals has opened the door for fraudsters to impersonate people we know.
• Elder exploitation: Scammers already have a tendency to target elderly populations but the proportionally higher risk of exposure has caused a commensurate increase in fraud targeted at the elderly.

What measures can you take?

• Be aware of the impact of the shift to mostly remote-work on your customers’ normal behaviors. You already should have a strong understanding of who your customers are, take the time to think through how this situation may impact them.
• Look for a lack of change where you would otherwise expect it. The upheaval may also expose bad actors who were hiding in plain sight before. Look for customers who should have had some impact on their business but remain strangely unaffected.
• Train your customer support, fraud, and compliance teams on evolving patterns. Your existing approach to monitoring may not work in the current environment. Implement a process to provide frequent updates to your teams via standups or another mechanism to be sure they are up to speed.
• Implement weekly cross-team meetings with representatives from these teams to share things they have seen. They should focus particularly on false positives and false negatives flagged during monitoring to determine if changes to models should be made.

We are constantly working to stay on top of new and evolving fraud and money laundering behaviors so we can make it more difficult for bad actors to exploit the situation. Please feel free to reach out to us at info@hummingbird.co if you have any resources or new fraud behaviors that you have come across — we would love to hear them. You can also find us at hummingbird.co if you would like to learn more about us.