CUNA
  • Advocacy
    • Priorities we’re fighting for
    • Actions you can take
  • News
  • Learn
  • Compliance
  • Shop
  • Topics
    • Community Service
    • Compliance
    • Credit Union Hero
    • Credit Union Rock Star
    • Credit Union System
    • Directors
    • Human Resources
    • Leadership
    • Lending
    • Marketing
    • Operations
    • Policy & Issues
    • Sales & Service
    • Technology
  • Credit Union Magazine
    • Buyers' Guide
    • COVID-19
    • Digital Edition
    • Credit Union Hero
    • Credit Union Rock Star
    • Subscribe
    • Advertise
    • Contact
  • COVID-19
  • Advertise
  • Awards
    • Nominate Credit Union Hero
    • Nominate Credit Union Rock Star
  • Podcasts
  • Videos
  • Contact
Learn More about Member Value

News

Member Benefits
Learn more
Learn more about the benefits of membership.
Home » Compliance: FinCEN addresses cybercrime exploiting COVID-19
Policy & Issues

Compliance: FinCEN addresses cybercrime exploiting COVID-19

July 31, 2020
COVID

The Financial Crimes Enforcement Network (FinCEN) issued an advisory July 30 to alert financial institutions to potential indicators of cybercrime and cyber-enabled crime observed during the COVID-19 pandemic. Many illicit actors are engaged in fraudulent schemes that exploit vulnerabilities created by the pandemic, according to FinCEN.

The advisory contains descriptions of COVID-19-related malicious cyber activity and scams, associated financial red flag indicators, and information on reporting suspicious activity.

Scams and their associated red flags include:

Targeting and exploitation of remote platforms and processes through fraudulent identity documents and the use of stolen credentials. Red flags include:

  • The spelling of names in account information does not match the government-issued identity documentation provided for online onboarding;
  • Pictures in identity documentation, especially areas around faces, are blurry or low resolution, or have aberrations;
  • Images of identity documentation have visual irregularities that indicate digital manipulation of the images, especially around information fields likely to have been changed to conduct synthetic identity fraud.
  • A customer’s physical description on identity documentation does not match other images of the customer;
  • A customer refuses to provide supplemental identity documentation or delays producing supplemental documentation;
  • Customer logins occur from a single device or Internet Protocol (IP) address across multiple seemingly unrelated accounts, often within a short period of time;
  • Customer logins occur within a pattern of high network traffic with decreased login success rates and increased password reset rates; and
  • A customer calls a financial institution to change account communication methods and authentication information, then quickly attempts to conduct transactions to an account that never previously received payments from the customer.

Phishing, malware and extortion which are increasingly utilizing offers of COVID-19 information and supplies. Red flags include:

  • Information technology enterprise activity related to transaction processes or information is connected to cyber indicators that have been associated with possible illicit activity. Malicious cyber activity may be evident in system log files, network traffic, or file information;
  • Email addresses purportedly related to COVID-19 do not match the name of the sender or the corresponding domain of the company allegedly sending the message;
  • Unsolicited emails related to COVID-19 from untrusted sources encourage readers to open embedded links/files or to provide personal or financial information, such as usernames and passwords or other account credentials;
  • Emails from untrusted sources or addresses similar to legitimate telework vendor accounts offer remote application software, often advertised at no or reduced cost;
  • Emails contain subject lines identified by government or industry as associated with phishing campaigns;
  • Text messages have embedded links purporting to be from or associated with government relief programs and payments;
  • Embedded links or webpage addresses for purported COVID-19 resources have irregular URLs that do not match that of the expected destination site or are similar to legitimate sites but with slight variations in the domain;

Business email compromise schemes, which in the COVID-19 environment often involve criminals interesting themselves into communications by impersonating a critical player in a transaction. Red flags include:

  • A customer’s transaction instructions contain different language, timing, and amounts in comparison to prior transaction instructions, especially regarding transactions involving healthcare providers or supplies purchases;
  • Transaction instructions, typically involving a healthcare-sector counterparty or referencing purchase of healthcare or emergency response supplies, originate from an email account closely resembling, but not identical to, a known customer’s email account;
  • Emailed transaction instructions direct payment to a different account for a known beneficiary. The transmitter may claim a need to change the destination account as part of a COVID-19 pandemic response and assert urgency to conduct the transaction; and
  • Emailed transaction instructions request to move payment methods from checks to ACH transfers as a response to the pandemic.

FinCEN will continue issuing COVID-19-related information to financial institutions to help enhance their efforts to detect, prevent, and report suspected illicit activity on its website.

KEYWORDS compliance FinCEN
Credit Union Magazine - Winter 2020

Winter 2020

Credit Union Magazine’s Winter 2020 edition features CUNA’s 2021 lending outlook, CEO insights on adjusting to the pandemic, and board recruitment strategies.
Digital Edition •  Subscribe

Trending

  • Compliance: 2020 Year in Review, Checklist now available

  • 5 fraud predictions for 2021

  • CUNA sends recommendations to incoming Biden administration

Tweets by CUNA_News

Polls

Will you ask employees to receive the coronavirus vaccine?

View Results
More

Champion of America’s Credit Unions

Credit Union National Association is the only national association that advocates on behalf of all of America’s credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.

More CUNA

  • About
  • Careers
  • Contact Us
  • Recommended Websites
  • Privacy Policy

Resources for

  • CUNA Board Members
  • Credit Union Advocates
  • Leagues
  • Press
  • Vendors