You can always count on cyber-criminals and fraudsters to come out of the woodwork when a national crisis occurs.  The COVID-19 pandemic has resulted in a multitude of criminal schemes.  Companies that rely on remote employees have to be vigilant in alerting employees to phishing, malware and other scams used by cyber-criminals and fraudsters.

DOJ, the FBI and the private sector have been cooperating to disrupt these schemes that are tied to internet domain designed to exploit the COVID-19 pandemic.

DOJ recently announced that the FBI’s Internet Crime Complaint Center had reviwed more than 3600 complaints related to COVID-19 scams, many of which were based on websites that advertised fake vaccines and cures, operated fraudulent charity drives, delivered malware or promoted other types of schemes.  These websites used domain names such as “covid19,” or “coronavirus,” and even claimed to be affiliated with public health organizations.

Some examples included:

• A website that pretended to collect donations to the American Red Cross;

• Fake websites that spoofed government programs to trick users to enter personally identifiable information, including banking details;

• Websites of legitimate companies used to facilitate delivery of malicious software.

Domain hosts acted in concert with DOJ and the FBI to take down these domains based on violation of their abuse policies.  Cybersecurity researchers have assisted law enforcement to develop tools to identify malicious domains.  FBI agents are pursuing some of these cases for criminal prosecution. 

In another striking example, the IRS discovered a number of look-alike websites for submitting requests for stimulus payments.  After some initial investigation, these websites were shut down.

The FBI also noted that cyber-criminals are mimicking cloud-based email services to exploit the COVID-19 pandemic.  The scams are conducted through phishing scams to request transfer of funds from the user to the fraudster.  The phishing scam relies on copies of cloud-based email services – once the account is infiltrated, the cyber-criminals use the information from the account to request that future invoices be paid to another bank account.

DOJ and the FBI have listed a number of steps companies and individuals should take to avoid these scams.

• Verify the identity of any company, charity or individual contacting you about COVID-19 relief;

• Check websites and email addresses from users offering information, products or services related to COVID-19.  Fraudsters usually rely on domain addresses that differ by one character from well-established entities involved in COVID-19 relief.

• Avoid any emails or websites claiming COVID-19 cures or treatments and/or requesting personal information;
• Avoid clicking on links or open attachments from unknown or unverified sources – this could be a means to download a virus to your computer;

• Check online reviews of any company offering COVID-19 products or supplies.

• Research any charities or crowdfunding sites soliciting donations relating to COVID-19;

• Set-up multi-factor authentication for your email accounts;

• Add an email banner/message for emails coming from external individuals; and

• Authorize alerts for foreign log-ins to your account;