Safeguarding the Nation from the ‘Other’ Coronavirus Crisis: Fraud

As the United States and the world grapple with the immediate public health and economic fallout of the coronavirus pandemic, a related crisis has simultaneously emerged: a wave of criminals seeking to prey upon an anxious public.

To those of us in law enforcement, this is a situation we dreaded, yet anticipated. Swindles, scams, and outright thefts have long been a feature of major disasters. The more catastrophic the event, the more active the fraudsters.

However, the COVID-19 pandemic provides criminal opportunities on a scale likely to dwarf anything seen before. The speed at which criminals are devising and executing their schemes is truly breathtaking.

The sheer variety of frauds already uncovered is itself shocking. Law enforcement has already learned of offers of sham treatments and vaccines, bogus investment opportunities in non-existent medical companies, and calls from crooks impersonating doctors demanding payment for treatments.

Scammers are targeting websites and mobile apps designed to track the spread of COVID-19 and using them to implant malware to steal financial and personal data. Thieves are even posing as national and global health authorities, including the U.S. Centers for Disease Control and Prevention and the World Health Organization, to conduct phishing campaigns. They send e-mails designed to trick recipients eager for reliable health information into downloading malicious code.

Perhaps most outrageously—and dangerously—criminals are using COVID-19 as a lure to deploy ransomware, malicious software designed to lock a computer system until a ransom is paid. Ransomware has substantially disrupted hospital and local government operations in recent years. It is a heinous crime to take down the computer network of a hospital or a public health department during normal times; it is homicidal in the midst of a global pandemic.

The implementation of the $2 trillion Coronavirus Aid, Relief, and Economic Security Act will provide even more criminal opportunities. Fraudsters around the world are already developing methods to steal the critical financial support intended for communities, companies, and individuals.

This is unacceptable. We cannot tolerate criminals profiting off an unprecedented crisis and targeting our people when they are at their most vulnerable.

Americans should take solace that law enforcement, at all levels, has swiftly and uniformly recognized this threat. We are marshaling our collective resources to fight back.

At the national level, the attorney general has directed federal law enforcement to prioritize the detection, investigation, and prosecution of all criminal conduct seeking to exploit peoples’ fears during the pandemic. We at the U.S. Secret Service and the Federal Bureau of Investigation are working with our colleagues in the Department of Justice to execute this directive.

We are also teaming up with other federal agencies and U.S. Attorneys’ Offices that have organized COVID-19 fraud prevention teams and hotlines. And we are collaborating with law enforcement offices from state, local, and tribal jurisdictions to ensure a unity of effort across all levels of government.

Our immediate focus is to disrupt and deter criminal activity that could hinder an effective response to the pandemic, to help vulnerable organizations, and to recover money stolen from Americans. In the long term, we will work with our domestic and international law enforcement partners to ensure those who seek to exploit this crisis face justice in court.

Yet law enforcement is not working alone. Federal regulators, too, are stepping up. The Federal Trade Commission, the Federal Communications Commission, and the Food and Drug Administration are tracking consumer protection violations, and have provided best practices for avoiding and reporting unscrupulous business offerings. The Cybersecurity and Infrastructure Security Agency has offered guidance to mitigate digital risks.

The private sector is engaged as well. Internet providers are proactively removing malicious websites and accounts. Social media companies, financial institutions, and cybersecurity firms are working to detect COVID-19-related schemes and to freeze the accounts of those peddling fake products and services, or attempting to defraud consumers.

Individuals and businesses must also be vigilant: Avoid opening email attachments or clicking on links from senders you do not recognize; be wary of messages or calls requesting account information; and always confirm that any information or funds you send are going to a legitimate recipient. Report COVID-19-related crimes to the appropriate authorities.

Criminals should take note: We in law enforcement may be practicing social distancing, but we are by no means sitting idly by. We are working aggressively to enforce the law and are devoting unprecedented resources to pursuing those who seek to undermine the nation’s response effort.