Any time the world is thrown off balance by a major, sustained event or incident, it’s an opportunity for some of our most creative minds for a burst of new and refined criminal activity. The global pandemic presents an atmosphere ripe for criminal creativity, and the United States is now drowning in new colorful types of fraud.
According to the Federal Bureau of Investigation (FBI), as of May 28th, its Internet Crime Complaint Center (IC3) received as many complaints in the first five months of this year as it did for all 12 months of 2019.
Three-quarters of those complaints are frauds and swindles, and the “sheer volume” is “a challenge” for the FBI.
From the sale of counterfeit personal protective equipment (PPE) claiming to ward off coronavirus and fake cures to fraudulent unemployment insurance claims, stimulus check scams and even plots to take advantage of children engaging in online schooling, the vultures have come out of the pandemic woodwork in full force.
Real estate scams are just one target--but of the high-dollar variety.
With the real estate industry in lockdown for months, many elements of the closing process that were normally required to be done in person for security reasons were accomplished digitally, opening up magnificent opportunities for IT-savvy criminals to hijack emails between agents, title agencies and buyers, convincing buyers to send their down payments to wrong parties.
Digital real estate scams were already a growing problem before the pandemic, but the stay-at-home restrictions that kept some signing and payment processes from being completed in person have given criminals access they could only have dreamed of last year.
If 2018 saw over 11,000 people fall to digital real estate schemes--already up 17% from 2017--with losses in the neighborhood of $150 million, 2020 is shaping up to be a far bigger bonus for criminals.
The biggest scam of all, however, has involved unemployment checks and stimulus payments.
With more than 44 million Americans filing jobless claims over the past three months, criminals have an endless pool of potential victims.
The State of Washington alone now estimates that unemployed check fraud has resulted in early $1 billion in losses for the state, with nearly half of that this year.
“The ESD [Employment Security Department] fraud case is beyond anything originally suspected. Nearly $1 billion has been lost to Nigeria and other fraudsters,” Senator Ann Rivers said.
Now, the unemployed may have to wait even longer to get their checks as the state and federal authorities try to figure out how to staunch the criminal bleeding.
According to the Department of Labor, some $26 billion in unemployment benefits would be lost nationwide.
“The Department has estimated that about 10% of unemployment insurance payments are improper in the best of times. With the large amount of funding under the CARES Act, the improper payment rate potentially will be much higher. The fraud rate within that could range from at least 3% to a much higher percentage of improper payments. That means a conservative estimate of $26 billion could be wasted, and a large portion of that could be pocketed by fraudsters instead of going to legitimate workers,” the House Committee on Oversight and Reform said.
And, of course, a new Nigeria criminal ring called “Scattered Canaary” is believed to be behind a good chunk of the fraud.
According to the Agari Cyber Intelligence Division, Scattered Canary has been operating for over a decade, masterminding unemployment, social security, disaster relief and student aid fraud. The report found that the group has also been connected to the CARES Act Economic Impact Payments for the COVID-19 pandemic.
The MO relies on Gmail “dot accounts” and the mass creation of accounts on target websites, such as unemployment and IRS websites that process CARES Act payments for non-tax filers. According to Agari, “Google ignores periods when interpreting Gmail addresses”, creating a loophole for fraudsters and allowing them to scale up their operations “by directing all communications to a single Gmail account”.
In digital forensic analysis of fraudulent CARES Act payments, Agari found that Scattered Canary filed these claims using the IRS’ website created to process claims. In order to steal this money, the group needed the individual’s name, address, date of birth and social security number.
“We have seen a more than 3,000% increase in COVID-19-themed phishing attacks since the beginning of February. Phishing attacks targeting a quickly growing remote workforce have increased significantly and BEC actors are evolving their tactics to adapt to stay-at-home orders affecting their targets. So it shouldn’t be a surprise that scammers are also trying to get a piece of the billions of dollars that has flooded the system to try and provide relief to millions of people who have been impacted by the pandemic,” Agari said in its report.
In the meantime, the Federal Trade Commission says consumers at large should be wary right now of a multitude of other scams, with some $50 million in losses so far reported to the agency by 61,000 people.
Fidelity National Information Services, which monitors fraud for banks, has seen a major increase in credit card scams due to the uptick in online shopping and a sudden barrage in vacation deals.
And then we have the fake cures lining up faster than anyone can keep track of them, along with a significant increase in charity imposters.
Among other pending cases and potential frauds-in-motion, last Friday, a federal grand jury indicted a California man fraud charges for soliciting investments in a miracle pill that he claimed would both cure and prevent COVID-19.
Also last week, Federal agents in Baltimore seized over 14,000 “treatment capsules” and fake coronavirus testing kits said to have been imported from China. The agents warned that they have seized fake treatment capsules in the past with dangerous ingredients, including sheet rock, pesticides and lead.
By Charles Benavidez for Safehaven.com
More Top Reads From Safehaven.com: