Ransomware attacks see 148% surge amid COVID-19
May 27, 2020
Courtesy of Rehmann
While it is expected that cybercrime will increase during the global pandemic, new research reveals it might even be worse than initially thought. Ransomware attacks jumped 148% last month over baseline levels in February, according to the findings from VMware Carbon Black, an endpoint security vendor. Analytics showed surges in threat activity on specific days during the pandemic, including Jan. 30, which saw a 48% increase in ransomware attacks over baseline levels with the U.S. announcing its first case of coronavirus. On Feb. 29, a major spike occurred when multiple states declared public health emergencies. This happened again March 1 when the first COVID-19 death was declared in the United States. The report also establishes that of verticals targeted by cybercrime, threat actors have heavily shifted their efforts toward financial institutions. There was a dip in attacks on healthcare targets – this coincides with several ransomware groups declaring last month that they would refrain from attacking any medical facilities or hospitals during the pandemic – but the massive increase in attacks on financial institutions indicates cybercriminals are more than making up for the drop-off in healthcare-related attacks.
Warning: Potential fraud scams surrounding SBA loans
The U.S. Attorney’s Office, the Federal Bureau of Investigation and the U.S. Small Business Administration warns Americans to be alert about possible scams relating to the CARES Act. SBA’s Office of Inspector General has published a list of possible scams and fraud schemes to raise public awareness. The CARES Act provided small businesses with $349 billion in federal aid in the form of the U.S. Small Business Administration’s Economic Injury Disaster Loan program and the Paycheck Protection Program. Unfortunately, individuals with bad intentions also took this opportunity to attempt scam operations. Entrepreneurs should remember that if anyone asks for money, they are not legitimate, nor are emails that end in anything but “.gov.” Even if someone has some details about your loan request, do not fill in the blanks by providing information that you have already provided through the application process. A confidential, legitimate source has this information already. SBA does not reach out to initiate a loan. Learn more at the SBA’s website. Report fraud, waste, abuse, mismanagement or misconduct involving SBA programs to the SBA OIG hotline at 800-767-0385, or online by clicking here.
Coronavirus fuels explosive growth in telehealth – and concern about fraud
In early March, the Centers for Medicare & Medicaid Services approved dozens of new billing codes to allow medical professionals to bill for telehealth, which covers a broad range of services via video, telephone or email. Telehealth gives patients the opportunity to consult with doctors about everything from flu symptoms or a backache to a psychiatry visit. As helpful as these services can be, however, there is concern of billing fraud and abuse, especially if officials yield to industry pressure to make many of the emergency policy changes permanent. Federal officials also allowed telemedicine providers to waive patient deductibles and copayments during the coronavirus emergency. Under normal conditions, these actions can be construed as a kickback because they discourage patients from complaining about charges or can lead to overuse of medical services. Such tactics normally can lead to civil or criminal penalties. Centers for Medicare & Medicaid Services officials say they are instructing payment and audit contractors to review claims during this public health emergency based on all agency waivers and flexibilities that have been put into place. This includes claims for services furnished under the telehealth flexibilities. The organization also said it would put “a strong emphasis” on program integrity and cost in considering whether to make any telehealth changes permanent.
Americans have lost $13.4 million to fraud linked to COVID-19
Covid-19 scams have cost more than 18,000 Americans a total of $13.4 million since the beginning of the year, according to the Federal Trade Commission. The top fraud categories are related to travel and vacations, online shopping, bogus text messages and imposter scams. The IRS recently warned of scammers trying to steal stimulus checks, which the agency started depositing into people’s bank accounts last month (paper checks are expected to arrive this month). Other reported frauds include scams like websites promising scarce cleaning products or masks, which then never arrive after being ordered, or problems related to being reimbursed for canceled travel plans. If you’re getting calls, emails or texts related to the coronavirus, or seeing related ads or offers online, here are some things to remember:
- The government will never call to ask for money or your personal information like Social Security, bank account or credit card numbers.
- Anyone who tells you to pay by Western Union or Money Gram, or by putting money on a gift card, is a scammer. The government and legitimate businesses will never tell you to pay with those methods.
Rehmann Corporate Investigative Services (CIS) compiles Risk Report to help raise awareness of the risks you and your company could face — from fraud to cyber crime and more. We can help protect you against these threats. Call us at 248.267.8445.