More than 400 cybercriminals arrested for COVID-19 fraud

The US Department of Justice (DOJ) revealed that over the most recent months, a total of 474 individuals have been legally prosecuted for their participation in various fraudulent COVID-19 related schemes. The defendants participated in all kinds of fraudulent practices related to coronavirus, including the sale of false treatments for the disease, as well as counterfeit vaccines, phishing campaigns and SMS spam, among other crimes. 

With the emergence of this virus, virtually every law enforcement agency in the world has had to deal with various fraudulent practices, even working with the World Health Organization (WHO) to prevent users around the world from these malicious campaigns.

On these arrests and accusations, the DOJ mentions that all 474 individuals have been charged with crimes based on fraudulent pandemic-related schemes, in multiple cybercriminal campaigns that generated illegal profits of more than $560 million, affecting both consumers and U.S. government agencies.

One of the main variants of fraud concerns the fraudulent issuance of grant applications, including the Payment Protection Program (PPP), the Economic Disaster Loan Program (EIDL), and Unemployment Insurance (UI), among other programs implemented to mitigate the economic consequences of coronavirus.

Of the 474 defendants, 120 people received sentences related to PPP-related crimes, including:

  • Business owners artificially inflating their payroll expenses to get high loans
  • Ghost company creators
  • Criminal groups that submit loan applications usurping the identity of legitimate companies

In one of the most recent cases, the DOJ announced that a Texas citizen pleaded guilty to a loan fraud with which he obtained about $25 million illegally.

Threat actors have also deployed multiple frauds against EIDL, which issues financial support for small and medium-sized enterprises, although unemployment benefit fraud represents the largest illegal practice associated with these economic programs. The DOJ report mentions that threat actors often use the identity of random inmates, as these people are unlikely to realize that their data is being misused.

Finally, the DOJ announced the closure of a Facebook page linked to the Government of Venezuela due to the constant publication of disinformation about COVID-19, including alleged natural treatments against the disease. Facebook also determined that the official pages of the Government of Venezuela will not be able to post for the next 30 days.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.