FinCEN issues advisory on COVID-19 impostor, money mule scams

July 17, 2020

The Treasury’s Financial Crimes Enforcement Network (FinCEN) has issued an advisory on COVID-19 related impostor scams and money mule schemes. The advisory is based on FinCEN’s analysis of COVID-19-related information obtained from Bank Secrecy Act (BSA) data, open source reporting and law enforcement partners

FinCEN also maintains a coronavirus updates homepage with the latest on pandemic-related scams.

Imposter scams: criminals impersonate organizations such as government agencies, non-profit groups, universities, or charities to offer fraudulent services or otherwise defraud victims. Some examples of red flag indicators of imposter scams include:

  • Requests via phone/e-mail/text requesting verification of personal information in connection with COVID-19-related stimulus payments or benefits, including Economic Impact Payments (EIP).
  • Unsolicited communications from purported trusted sources or government programs related to COVID-19, instructing readers to open embedded links or files to provide personal or financial information, including account credentials.
  • Solicitations where the person, email, or social media advertisement seeks donations on behalf of a reputable organization, but the hyperlink points to an unaffiliated website.

Money mule schemes: involve “a person who transfers illegally acquired money on behalf of or at the direction of another.” Some examples of red flag indicators of money mule schemes include the following:

  • A member who typically maintains a low account balance starts to receive transfers that do not fit his or her transactional history profile.
  • A person opens a new account in the name of a business and, shortly thereafter, someone transfers the funds out of the account.
  • A person opens accounts at multiple institutions in order to receive money from various individuals and business, then moves the money to other accounts at the direction of the member’s purported employer.

When reporting these schemes, FinCEN requests that financial institutions reference this advisory by including the key term “COVID19 MM FIN-2020-A003” in SAR field 2 (Filing Institution Note to FinCEN) and the narrative to indicate a connection between the suspicious activity being reported and the activities highlighted in this advisory.

Additional details can be found on CUNA’s CompBlog.