Infosecurity Group Websites
Latest
News

African Fraud Gang Files for Millions in #COVID19 Payments

A notorious West African BEC gang may have made millions defrauding the US government out of COVID-19 business compensation payments, according to Agari.

The security company said it had been tracking the Scattered Canary group for over a year and has now briefed the Secret Service of its findings.

The group — which has been involved in BEC, social security fraud and student aid fraud schemes in the past — has targeted at least eight states so far: Hawaii, Florida, Massachusetts, North Carolina, Oklahoma, Rhode Island, Washington, and Wyoming.

In Washington state, it has filed at least 174 fraudulent claims for unemployment benefit since April 29. Agari calculated that these claims were eligible to receive up to $790 a week for a total of $20,540 over a maximum of 26 weeks. Plus, the CARES Act includes $600 in Federal Pandemic Unemployment Compensation each week up to July 31.

This amounts to a potential windfall for the cybercrime gang of $4.9 million in this one state alone, assuming all claims are approved.

Between April 15 and April 29, Scattered Canary filed at least 82 fraudulent claims for CARES Act Economic Impact Payments, 30 of which were accepted by the IRS, explained Agari founder Patrick Peterson.

The scammers are using a tactic first revealed by Agari last year to scale their operations. Namely, they take advantage of a little-known feature in Gmail which means that a single user controls all “dotted versions” of their email address.

Thus, they can register multiple addresses for separate claims payments which are effectively the same address with dots in different places. They will then all redirect to a single inbox.

“As a result of our analysis, we have identified 259 different variations of a single email address used by Scattered Canary to create accounts on state and federal websites to carry out these fraudulent activities,” explained Peterson.

The group is also taking advantage of Green Dot prepaid cards to cash out its fraudulently obtained government payments. These cards are able to receive direct payments and government benefits up to four days before they’re due to be officially paid, meaning they have obvious benefits for fraudsters.

“It shouldn’t be a surprise that scammers are trying to get a piece of the billions of dollars that has flooded the system to try and provide relief to millions of people who have been impacted by the pandemic,” concluded Peterson.

“Based on what we’ve seen from Scattered Canary’s 10-year history of scamming, they will continue to expand their portfolio of cybercrime to try and find new ways to con individuals, businesses, and governments out of as much money as they can.”

Related to This Story

What’s Hot on Infosecurity Magazine?

1
News

CISSP Qualification Given Cert Status Equivalent to Master’s Degree Level

2
News

REvil Ransomware Gang Threatens to Release Dirt on Trump

3
News

Texas Takes Second Ransomware Hit

4
News

Police Catch Suspects Planning #COVID19 Hospital Ransomware

5
News

easyJet Says Details of Nine Million Customers Accessed in Data Breach

6
News

FBI Unlocks Pensacola Shooter’s iPhones as Barr Slams Apple

1
News

NHS Contact Tracing App Security Issues Detailed

2
News

Online Retailers Brace for #COVID19 Fraud Surge

3
News

African Fraud Gang Files for Millions in #COVID19 Payments

4
News

Ukrainian Police Arrest Suspected Combo List Mastermind

5
Opinion

Mal-Innovation on Mobile: A Changing Threat Landscape

6
News

REvil to Auction Stolen Madonna Data

1
Webinar

Protecting your Organization Against Phishing Attacks

2
Webinar

Safeguarding Your Digital Transformation with Detection and Response

3
Webinar

Advanced Protection Against Zero Day Threats and Malware

4
Webinar

#WFH and Network Security – Lessons Learned So Far

5
Webinar

Remotely Manage Secure File Transfers Amid COVID-19 and Beyond

6
Webinar

Why Remediation Needs to be Part of Your Vulnerability Management Program

1
Opinion

We Don’t Need More Cybersecurity, We Need Better Cybersecurity

2
Blog

Why Data Centers Need Formal Data End-of-Life Processes

3
Interview

Interview: Debra Danielson, CTO and SVP of Engineering, Digital Guardian

4
News Feature

Meeting the Author of the #LoveBug - ‘Crime Dot Com’ Preview

5
Next-Gen

Interview: David Shrier, Oxford Cyber Future

6
Webinar

Why Remediation Needs to be Part of Your Vulnerability Management Program