It’s no secret that cybercriminals are taking advantage of the COVID-19 pandemic to commit crimes against financial institutions and their customers.
On July 30, 2020, FinCEN issued an Advisory on Cybercrime and Cyber-Enabled Crime Exploiting the COVID-19 Pandemic. Cybercrime has been rampant during the pandemic and this latest release alerts financial institutions to a new list of red flags to look for that could indicate cybercrime and cyber-enabled crime. The Advisory also has interesting descriptions of the scams being encountered and requests that financial institutions reference it specifically when filing related Suspicious Activity Reports (SAR).
The Advisory focuses on three major categories of cybercrime being encountered: 1) Targeting and Exploitation of Remote Platforms and Processes; 2) Phishing, Malware and Extortion; and, 3) Business Email Compromise Schemes. Red flags for each type are also provided. Because the pandemic has forced banks and customers to utilize more remote access, cybercriminals have specifically targeted and exploited the vulnerabilities in remote platforms and processes. There has been a significant increase in phishing, malware and extortion campaigns, specifically related to COVID 19. Business Email Compromise Schemes occur when criminals have payments redirected to new accounts, claiming it’s due to pandemic-related business changes.
In addition to the 20 red flags FinCEN advises financial institutions to monitor for, it also requests that financial institutions reference the Advisory in any related SAR filings. The term “COVID19-CYBER FIN-2020-A005” should be included in SAR field 2 and in the narrative.
Need more information on BSA/AML-related topics?