FinCEN Guidance on Cyber Fraud – Video
FinCEN's Three Guidances
FinCEN recognizes increase in cyber fraud
Cyber fraud increased significantly in 2020 due to the increased vulnerabilities caused by the COVID-19 pandemic. The Financial Crimes Enforcement Network (FinCEN) has given us three good pieces of guidance surrounding COVID-19 related fraud. Financial institutions were very aware of the significant rise in fraud, and the guidance addresses more of what has happened since the beginning of the pandemic.
The three guidance releases will be discussed in some detail without going into all aspects of the releases. They are very detailed advisories, the first concerning cybercrime and cyber-enabled crime during the pandemic.
WFH Causes Problems
Cyber criminals target remote platforms
Targeting and exploiting remote platforms has been significant. The U.S. has seen many people working on laptops from home for the first time. The fraudsters, of course, knew that people began working from home and found it easier to get to them because of all the remote platforms. At times, the initial rush to work from home led to a lack of increased security by financial institutions. Phishing, malware, and extortion are mentioned in the advisory in detail, along with the red flags to look for in detecting these methods of fraud.
Business Email Compromise (BEC) schemes are mentioned in the release as well. The ransomware advisory is interesting and references the increasing sophistication. Financial institutions know what ransomware is, but are they familiar with all the other terms? The FinCEN guidance documents are excellent resources from training on the varying fraud typologies.
Fraudsters Stick Together
Illicit actors are teaming up for cyber crime
Illicit actors are now collaborating, whether organized crime groups or just people who meet on the dark web. They share their expertise at times. Big game hunting schemes are increasing, meaning that the fraudsters go for the larger entities to get the bigger payoffs. They keep going bigger as they succeed, using ransomware and partnerships, and that's why they're calling the method big game hunting. When the illicit actors come together, they form a kind of consortium. They share code, malware, and other tools of the trade that have made them successful.
The FinCEN advisories address a lot of interesting information about those partnerships. The guidance explains the double extortion, meaning the fraudsters get you twice. The illicit actors' end goal is to grab data, encrypt it, keep it, and ask for a ransom of significant amounts. If a company refuses to pay, they sell your data and make it public. No financial institution can afford that to happen with their customers' data.
Fraudsters move on from Bitcoin
Bitcoin is now universally recognized as legitimate and not anonymous anymore. Many fraudsters will not use or demand bitcoin for that reason. They want it to be as anonymized as possible. There are top-five cryptocurrencies that are listed among the dark web for those who want more anonymity. Monero is the most used cryptocurrency and is very difficult to trace.
FinCEN gives red flags for money mule activity
One of the FinCEN releases exposes the risks of money mule schemes. These schemes are what some call the telephone pole scam that's been around forever. Signs on the telephone poles to "work from home, make $45,000 a month." In reality, people who sign up are transferring money from their computer to money launder (layering) for other people. Some people know they're doing it illegally; sometimes, they know for whose benefit they’re moving money. Sometimes they don't ask questions because they’re desperate. The pandemic made a lot of people more desperate than before. FinCEN also gives red flags for money mule activity.
In addition, FinCEN addresses imposter fraud. This method of fraud is ruthless; they are playing on people's fear of the pandemic. When imposter fraud is perpetrated through a computer, it is cyber fraud and should be reported on a suspicious activity report (SAR). Fraudsters are offering COVID-19 cures, fraudulent vaccines, and fake anti-viral drugs. The imposters would have credentials saying they represent the Center for Disease Control (CDC), the World Health Organization (WHO), and other reputable organizations. In addition, the price gouging that has been prevalent during the pandemic, including hand sanitizers, toilet paper, bleach, masks, and other products, is cyber fraud because it was done on the computer, through the Internet.
All three of the FinCEN guidance releases are important and represent ongoing methods of fraud. These are excellent documents for use in institutions for training and awareness.