COVID-19 Fraud: Law Enforcement’s Response to Those Exploiting the Pandemic
Statement for the Record
Chairman, ranking member, and members of the committee, thank you for the opportunity to appear before you today to discuss the rapidly evolving threats to the United States homeland posed by the myriad of fraud schemes which seek to exploit the global COVID-19 pandemic. The FBI has worked to counter the threats posed by fraud schemes and illicit finance activities since its inception—these threats are pervasive and have become more frequent and sophisticated over time. Moreover, they adversely affect the United States by destabilizing our financial system and institutions and harming people at higher risk (including older adults and people with underlying medical conditions).
On March 16, 2020, the attorney general issued a memorandum on fraud in connection with COVID-19. Within days, the FBI established a COVID-19 Working Group comprised of representatives from all 56 FBI field offices and 500 total participants from the Department of Justice and FBI to combat the criminals undermining our nation during this crisis. The COVID-19 pandemic has only served to increase the number of stimulus, healthcare, bank, elder, and government fraud schemes. As of May 28, 2020, the Internet Crime Complaint Center (IC3) received nearly the same amount of complaints in 2020 (about 320,000) as they had for the entirety of 2019 (about 400,000). Approximately 75% of these complaints are frauds and swindles, presenting a challenge for the FBI’s criminal program given the sheer volume of submissions.
We have also seen the sale of counterfeit personal protective equipment (PPE), fraudulent unemployment insurance claims, and even criminals who are engaging in online predatory behavior targeting children who are continuing their education from home. Keeping pace with these threats and their volume is a significant challenge for the FBI, but one we are tackling head on in conjunction with our many federal, state, local, private sector, non-profit, and community partners.
Paycheck Protection Program
With the passage of the CARES Act, the FBI has seen fraudsters shift their efforts towards exploiting the various programs aimed at relieving the detrimental economic effects of COVID-19. Of particular interest are criminals fraudulently applying for Paycheck Protection Program (PPP) loans or targeting PPP funds once they have been disbursed.
The FBI’s IC3 has received numerous complaints from business owners unable to legitimately apply for a PPP loan because their Employer Identification Numbers were already used for fraudulent loan applications. There have also been reports of fraudulent websites claiming to facilitate PPP loans, which gather all the personally identifiable information necessary to apply for a PPP loan, only to not follow through with the assistance, but likely use the information for their own nefarious purposes.
In order to effectively target this growing threat, the FBI has formed a PPP Fraud Working Group in coordination with the Justice Department’s Fraud Section and the Small Business Administration Office of Inspector General. Through the efforts of our field offices and the PPP Working Group, nearly 100 investigations have been initiated since the inception of the program, with over $42 million in potential fraud identified and over $900,000 recovered. These investigations involve bank insiders, previously convicted felons, the use of dormant or cash businesses, and identity theft.
Advance Fee and Business Email Compromise Schemes
In the current environment, demand for PPE and other goods far exceeds supply, and businesses have had to alter standard practices to continue operations. Such an environment is ripe for exploitation by fraudulent actors perpetrating advance fee and business email compromise (BEC) schemes. In the advance fee schemes related to procurement: A victim prepays a purported seller or a broker for goods such as ventilators, masks, sanitizer or other in demand products, and then receives little or nothing in return. BEC schemes often involve fraudsters spoofing a legitimate email address known to the recipient or the use of an email address that is nearly identical to one known and trusted by the victim to instruct them to redirect legitimate payments to bank accounts controlled by the fraudsters.
Recent examples of COVID-19-related BEC attempts include a financial institution that received an email, allegedly from the CEO of a company, who had previously scheduled a transfer of $1 million, requesting that the transfer date be moved up and the recipient account be changed “due to the Coronavirus outbreak and quarantine processes and precautions.” The email address used by the fraudsters was almost identical to the CEO’s actual email address, with only one letter altered.
In another instance, a fraudster spoofed the email address of a CEO who had been approved for a PPP loan, contacted the financial institution facilitating the loan and requested that the PPP funds be transferred to a new account at a different institution. The FBI is also aware of multiple incidents in which state government agencies, attempting to procure ventilators or PPE, wire transferred funds to fraudulent brokers and sellers in advance of receiving the items. The brokers and sellers included both domestic and foreign entities. In one case, an individual claimed to represent an entity with which the purchasing agency had an existing business relationship. By the time the purchasing agencies became suspicious of the
transactions, much of the funds had been transferred outside the reach of U.S. law enforcement and were unrecoverable.
With the U.S. unemployment rate soaring and large numbers of people being secluded at home, fraudsters are increasingly targeting individuals through “work from home” opportunities or dating websites to use as money mules. Criminals who obtain money illegally need to find a way to move and hide the illicit funds. They frequently scam other people, known as money mules, into moving this illicit money for them. These money mules are asked to receive funds in their personal bank account and then “process” or “transfer” funds via wire transfer, ACH, mail, or money service businesses, such as Western Union or MoneyGram.
Acting as a money mule—allowing others to use one’s bank account or conducting financial transactions on behalf of others—not only jeopardizes the mule’s financial security and compromises their personally identifiable information, but is also a crime. Over the last several years, the FBI has dedicated significant resources to educating the public on common red flags that they may be acting as a money mule and has continued to reinforce this messaging to address the rise of COVID-19-related money mule schemes. The FBI encourages individuals to protect themselves by refusing to send or receive money on behalf of individuals and businesses for which they are not personally or professionally responsible, and to watch out for online job postings and emails from individuals promising easy money for little to no effort.
With the rise in the use of virtual assets and encrypted devices and applications, the interconnectivity of communication platforms, and the ever-changing landscape of emerging payment systems, the world is more connected today than ever. This also means it has becoming increasingly difficult to track illicit finance flows and identify the criminal actors behind them.
Fraudsters are leveraging increased fear and uncertainty during the COVID-19 pandemic to steal Americans’ money and launder it through the complex virtual asset ecosystem. Some criminals use virtual assets to conduct illicit transactions because these currencies offer potential anonymity. Furthermore, these transactions are often not tied to a real-world identity and enable criminals to quickly move criminal proceeds among countries.
People of all ages, including older adults, are being victimized by criminals through virtual asset-related fraud schemes. Developments in virtual asset technology and an increasing number of businesses accepting virtual assets as payment have driven their growing popularity and accessibility. There are not only numerous virtual asset service providers online, but also thousands of virtual asset kiosks located throughout the world which are vulnerable to exploitation by criminals to facilitate their schemes. Many traditional fraud and money laundering schemes are now orchestrated via virtual assets. The FBI has published a PSA about an increase in virtual asset fraud schemes related to COVID-19, including blackmail attempts, work from home scams, paying for non-existent treatments/equipment, and investment scams. It should be stressed that there are legitimate charities, investment platforms, and e-commerce sites that accept payment in virtual assets. However, unsolicited requests for donations via virtual assets or pressure to use virtual currency should be approached with caution.
Health Care Fraud Schemes
Legitimate medical professionals and scientists throughout the U.S. are working hard to find a cure, approved treatment, and vaccine for COVID-19. Unfortunately, bad actors are selling fraudulent COVID-19 test kits and unapproved treatments through telemarketing calls, social media platforms, and door-to-door visits at the same time. Many scammers are promising free care and free COVID-19 testing to patients in order to gain access to their personal and health insurance information, including their dates of birth, Social Security numbers, and financial data.
While the methods are ones we have seen before, the current atmosphere of fear and urgency aids criminals in taking advantage of the American public, particularly at-risk populations like older adults and people with underlying health conditions. Prior health care fraud investigations have shown that once scammers obtain an individual’s personal information, they use it to bill federal health care programs and/or private health insurance plans for tests and procedures the individual did not receive and pocket the proceeds. Some bad actors are selling fraudulent at-home test kits while others are even going door-to-door and performing fake tests for money.
Active Response and Looking Forward
While these frauds prove difficult to address, they are not impossible, and the FBI is making every effort to investigate them. First, we have relied heavily on public education and awareness—only when the general public knows about schemes like BEC and counterfeit goods can it report them. The FBI needs solid leads that we can aggregate in databases and systems like IC3 for analysis. From there, we can identify the perpetrators and follow illicit money to its source.
The repercussions of the COVID-19 pandemic have not and will not end any time soon. While we reflect on our actions thus far to counter specific threats to U.S. national security, we must also anticipate and prepare to address emerging criminal schemes of an even larger scale. Initially, PPE-related hoarding/gauging schemes, investment and consumer fraud schemes promoting fake COVID-19 cures/treatments/tests, BEC schemes, and advance fee schemes were the most prevalent fraud schemes related to COVID-19. While these continue, the FBI has seen the fraud landscape shifting over the past month as criminals continue to attempt to fraudulently obtain funds made available through the CARES Act stimulus. In response, the FBI is working with the Department of Justice and relevant federal agency inspectors general to actively address substantial numbers of fraudulent PPP loans and Economic Injury Disaster Loan Emergency Advances.
As a result of the COVID-19 pandemic, the FBI has also identified an increase in health care fraud. As the number of people seeking treatment for the virus has increased, so too have the number of criminal actors seeking to profit from the crisis by exploiting vulnerabilities in the delivery of medical services. The FBI, together with our law enforcement and regulatory partners, as well as our partners in the private sector, has identified a variety of fraudulent schemes targeting both government sponsored health care programs, particularly Medicare and Medicaid, and private health insurance plans, including overbilling for services, billing for services not rendered, and billing for medically unnecessary services. We have seen many of these schemes before, and we are aggressively working to stop them.
The FBI is also pursuing criminals who file fraudulent claims for unemployment insurance payments, often using stolen identities, and routing the funds to themselves. We continue to engage heavily with private sector partners, particularly financial institutions and health insurance companies, to communicate the fraud trends we are seeing, gain valuable insights from the institutions on what they have seen, and share intelligence related to
investigations. We have received countless valuable referrals from financial institutions in the form of Financial Crimes Enforcement Network Suspicious Activity Reports that relate to already open investigations or have led to the initiation of new investigations. These relationships with the private sector have allowed us to more efficiently and effectively address many of the fraud schemes that have emerged since the beginning of the COVID-19 pandemic, and we continue to rely on these relationships as schemes change and evolve.
The FBI is engaged in myriad efforts to combat COVID-19 threats, from improving threat identification and information sharing inside and outside of the government to examining the way we operate to disrupt and defeat these threats. All facets of the FBI are working to counter these threats and head off those that are just emerging. We are proud to work alongside our federal law enforcement and private sector partners to protect the American public from COVID-19 related scams during these difficult times. These collaborative efforts are the key to quickly reducing the threat from COVID-19 related criminal activity, so the American public can focus on protecting themselves and their families during these trying times.
Thank you, Chairman Graham and Ranking Member Feinstein, for bringing attention to these issues. I would be happy to answer any questions you might have.