Throughout the COVID-19 pandemic, the Department of Homeland Security (DHS) has been working nonstop to protect the American people from criminals who are attempting to exploit fear for financial gain.
Throughout the crisis, transnational criminal organizations have attempted to profit from the shipping of prohibited medical supplies, personal protective equipment, and other products which claim to help in the fight against coronavirus. Other criminal opportunists are attempting social engineering, phishing, non-delivery, and auction fraud scams related to coronavirus.
However, the men and women of DHS across the country are standing watch to protect the American public from these criminal and often dangerous schemes.
What is DHS doing?
Cybersecurity and Infrastructure Security Agency (CISA)
Cyber hackers are regularly sending emails with malicious attachments or links to fraudulent websites to gain access to company data and resources, or to trick victims into revealing sensitive information or donating to fraudulent charities and causes. CISA’s cyber-defenses help deny malicious actors the ability to utilize the web as a portal for criminal activity and aid law enforcement in bringing violators to justice. As of April 17th, CISA reported that it has identified and blocked over 3,500 coronavirus-related malicious domains and email addresses since the start of the pandemic.
CISA also continues to regularly remind the public to stay alert and vigilant against scams that exploit the ongoing coronavirus crisis.
U.S. Customs and Border Protection (CBP)
In a whole of America approach, Customs and Border Protection is working in coordination with international partners, the U.S. Postal Inspectors, Homeland Security Investigations, and the Food and Drug Administration (FDA) to identify and shut down transnational criminal organizations that smuggle in prohibited medical supplies.
CBP is monitoring imports and exports that may contain counterfeits or illicit goods delivered through international mail and express consignment cargo. Between March 1st and April 22nd, there have been 185 prohibited medical supply seizures resulting in an estimated 177,338 confiscated units, each presenting a danger to the public. CBP also made a seizure of fraudulent N95 masks, containing an estimated 1,000 units, and 53 prohibited EPA Virus Shut Down Lanyard seizures, containing an estimated 2,719 units.
U.S. Immigration and Customs Enforcement (ICE)
On April 15th, ICE Homeland Security Investigations (HSI) unit launched Operation Stolen Promise, an initiative that targets COVID-19 related fraud and criminal activity by combining HSI’s expertise in global trade investigations, financial fraud, and cyber investigations with private-public partnerships. The operation leverages resources from across the U.S. Government, including CBP, FDA, the U.S. Postal Inspection Service, the U.S. Secret Service, the Internal Revenue Service, and the Federal Bureau of Investigation, and from international partners around the world.
Since launching the operation, HSI efforts have led to the initiation of more than 200 investigations, the seizure of over three million dollars in illicit proceeds, and the execution of eleven search warrants and nine arrests related to COVID-19 fraud.
As criminal activity stemming from coronavirus continues to surge, HSI recognizes that its response must be equally robust. HSI’s unique customs and border search authorities – combined with its expertise in cyber and financial investigations – best positions the agency to lead these efforts to combat fraud associated with the pandemic. HSI encourages the public to report suspected illicit criminal activity or fraudulent schemes related to the COVID-19 pandemic to firstname.lastname@example.org.
U.S. Secret Service (USSS)
U.S. Attorney General William P. Barr has directed federal law enforcement to prioritize the detection, investigation and prosecution of all criminal conduct seeking to exploit fear during the pandemic. Secret Service is leading the charge to combat cyber-enabled financial crimes related to coronavirus. Its immediate focus is to disrupt and deter criminal activity that could hinder an effective response to the pandemic, to help vulnerable organizations, and to recover money stolen from Americans.
USSS Field Offices and USSS Electronic Crimes Task Forces around the country are actively working with federal, state and local partners to combat cyber enabled fraud, such as ransomware and business email compromise (BEC) attacks against the health care industry and state/local governments during this time of crisis.
Based on intelligence derived from Global Investigative Operations Center (GIOC) sources, the USSS is alerting health care facilities nationwide about identified vulnerabilities in their network that make them susceptible to ransomware and other network disruptions. GIOC agents and analysts are coordinating outreach to affected facilities thru USSS Field Offices. The GIOC is providing the Field Offices with IP address, hostname, username, and any other information to help the victim facility mitigate the compromise before a ransomware attack occurs. To date, 17 hospitals and health care facilities have been identified and efforts continue to identify additional potential victims.
USSS is also making sure the public is continuously informed and updated on the different types of coronavirus-related scams that are targeting them across the country. As the U.S. Treasury prepares to send paper checks to Americans through the CARES Act, USSS launched the Know your US Treasury Check Campaign to bring important information to citizens, retailers, and financial institutions on how to protect themselves from counterfeit paper checks.