Economic Stimulus Scam
Fraudsters are all too willing to take advantage of our goodwill -- federal stimulus payments issued during the coronavirus are a magnet for identity theftIn May 2020, the U.S. unemployment rate was 13.3 percent according to the U.S. Bureau of Labor Statistics. It is easy to see why people are eager to receive federal stimulus payments to assist them during the coronavirus outbreak. Unfortunately, scammers are eager to collect your money, too.
The Federal Trade Commission (FTC) received over 90,000 complaints from across the U.S. between January and May about COVID-related scams. As soon as stimulus funding was announced, scammers got to work.
Here are the top 5 COVID-19 stimulus funds scams that caught our attention (we saved the ugliest for last)
Scam #1: A payment in exchange for your credentialsAs soon as stimulus funding was announced, scammers did not waste any time sending out fake checks and payment cards. This "payment" is accompanied by instructions to either log into a website or text your banking information to enable the withdrawal of a small administration fee. The IRS will never charge a fee for processing payments and they will use the banking information they already have on file from your previous tax return. The goal of this scam is to obtain your banking information.
Scam #2: Overpayment of the expected amountSimilar to charging a fee, fraudsters send fake checks for an unusual total, then contact you to say they made an error on the amount and ask for a refund for the difference. How do they do that? They normally ask for some information from you, such as your bank account or credit card number. Again, asking for your banking information does more than allow them to "withdraw the difference" -- another lie -- it gives them private information that can be combined with other data and used to impersonate you at your bank. They also might ask you to repay the difference in gift cards, a common way to get your money in a virtually untraceable currency.
Scam #3: Texts from phony government agenciesIn this scam, you get a text message from what appears to be a government agency asking you to click a link to accept your payment. A few dangers lay in these waters. The link might download malware onto your device to monitor your activity and intercept your information, or it may take you to a spoofed federal website that asks for your banking details. Either way, as your payment is automatically triggered by your 2018 or 2019 tax returns, the IRS would never contact you with a link to accept any payment. If in doubt, call the government department, but do not click the link.
Scam #4: University student rip-offsStudents are usually broke and scammers bank on that -- literally -- by posing as university finance officers. They contact students and urge them to login to a bogus website to register for their stimulus payments. Another phishing scam: they collect usernames, student numbers, passwords, and other information to steal money or download malware onto devices in order to access more information for future fraud.
Scam #5: Victimization of seniorsSome nursing homes and assisted living facilities have been trying to get seniors who receive Medicaid to sign over their stimulus payments. Claiming the money is intended to pay for their housing or care needs, unscrupulous operators are scooping some or all of the payments. As a federal tax credit, the stimulus check cannot be seized by any agency or individual who is not the rightful recipient. Period.
Another scam targeting seniors is a Facebook post for a "special grant" for seniors to help pay for their medical bills. The post links to the "U.S. Emergency Grants Federation" website which requests a person's Social Security number to verify their eligibility. No such legitimate U.S. government agency exists, and again, no federal agency would do this and advertise it on Facebook.
Identity theft can eclipse losing your stimulus paymentWhile it would be bad enough to lose your $1200 to a scammer, it would be even worse to provide access to your private information. With a few details, such as your name, address, date of birth, and SSN, fraudsters can buy merchandise on your credit card, apply for mortgages, or impersonate you in any number of ways. They can also sell your information on the dark web where numerous people can use it to commit fraud.
Ways to protect yourself from financial fraudHere are a few tips on protecting yourself from these bad actors:
- Payments are determined by the IRS based on your recent tax returns. If you did not file a return in 2018 or 2019, contact the IRS directly.
- The IRS will deposit your money directly into your bank account or send a paper check or a preloaded debit card. You will never have to pay a fee to collect your money.
- The IRS will never call, text, or email you to verify your information. NEVER give your driver's license, Medicaid, credit card, bank, or PayPal account numbers to anyone who contacts you.
- Delete texts or emails which ask for your information or provide a link. And never click the link to see if it is real. By the time you realize it is not real, the malware will already be downloaded onto your computer.
- Consult the Federal Trade Commission and the Better Business Bureau websites to stay up to date on the latest scams.
There are no related Events
Fraudsters look for the easiest, most vulnerable parts of the transaction lifecycle to enter the customer journey.
Traditional verification steps, such as verifying micro-deposits, are not enough. Every participant in the transaction lifecycle – from merchant to payment processor to card issuer – must understand their vulnerability to account takeover fraud. All need a strategy for verifying identity that makes it much more difficult for fraudsters to use the identity data they obtain.
This presentation explores how transaction participants can create strategies to verify identities starting with account creation, and extending through checkout, payment, shipping, and account maintenance. It will also provide a merchant's perspective on effective pathways for safeguarding in-demand eCommerce options such as guest checkout.
It is important to identify who your fraudsters are as well as their goals.
This presentation explores the variety of fraud methods which are seen in our industry, including affiliate fraud, bot attacks, phishing and romance scams, what fraud identification and mitigation tools are used, and how they could be applied to other eCommerce and digital goods businesses.
Learn how "Sandbox" payments, a fabricated payment process applied to fraudsters, which deceives them into believing a transaction was successful, can help to reduce fraud and chargebacks.
Discover how to reduce and automate manual reviews to provide an improved and more efficient experience for genuine customers.
There are no related Surveys
In this webinar, TransUnion begins by sharing findings from a recent poll they conducted on fraud attempts against consumers. Next, the session delves into three challenges many online retailers are seeing as a consequence of changes in buying patterns resulting from lockdowns during the pandemic. Three effects of the rising number of phishing attacks are also presented, along with ways to mitigate each fraud pattern. The broadcast closes with a trio of recommendations and a detailed Q&A session.
Two-factor authentication adds a second authentication level or factor when logging into an account, such as sending a one-time use verification code in an SMS message to a user's mobile phone. In this webinar, Nethone provides examples of tools which may be used to bypass two-factor authentication, then looks at how phishing exploits can be used to collect victims' data. A scenario is then laid out in which "smishing" -- phishing using SMS -- is leveraged by a fraudster to access a legitimate customer's bank account. A brief Q&A session concludes the broadcast.
At SEON Technologies we have released new information on the collection countries that are most and least at risk of cyberattacks. We have also taken a close look at the most common types of cybercrime occurring in the US.
Dubbed the Global Cybercrime Report, the report explains how several countries are the safest in the world from fraud and other cybercrime. and why others are not. Our methodology for this research was based on how companies and public infrastructure are all being fairly well protected through both legislation and technology at their disposal.