knowledge | 21 April 2020 |

COVID-19: Increasing Risk of Cyber Fraud

The global COVID-19 (Coronavirus) pandemic continues to impact our society in many ways. In particular, it has fundamentally changed the way in which businesses operate. Pursuant to recent government advices, many businesses now find themselves operating (to some extent or entirely) remotely. In such uncertain times, it is important not to lose sight of the risks involved when staff are operating outside of an organisation, in particular the threat of cyber fraud.

Ireland is among the leading EU member states when it comes to the use of digital technologies.1 These technologies play a key role in our economic, professional and social lives. In the current crisis, there is likely to be an increase in cyber attacks to exploit fear around the pandemic. Such attacks are versatile and can be conducted through various media and monetised via multiple means such as ransomware, bitcoin or fraud.

In early March, the Department of Employment Affairs and Social Protection made the public aware of recent situations where cyber criminals purporting to represent the Department have contacted individuals made unemployed as a result of the COVID-19 outbreak directly and requested sensitive information from them including bank details and other financial information.2

An Garda Síochána has issued a warning that the pandemic will likely lead to a general rise in cyber attacks, as seen in the US and in the UK. Such scams include COVID-19 themed “phishing” emails designed to trick users to click a link or download an attachment. Once compromised, it is possible for cyber criminals to extract usernames and passwords for email accounts and bank accounts and to infect devices with malware (e.g. AZORult, Emotet). The World Health Organisation recently warned of fraudulent emails sent by criminals posing as the WHO for such purposes.3 Cyber criminals have also impersonated the US Centre for Disease Control (CDC) in various campaigns, including requests for bitcoin donations to fund a fake COVID-19 vaccine and encouraging users to click on a link to see high-risk COVID-19 areas, resulting in the download of keylogger malware. An Garda Síochána has also reported an increase in fraudulent COVID-19 related websites appearing online, which purport to sell goods including protective masks and hand sanitiser, but are in fact vehicles of fraud.

Last week, members of the Garda National Economic Crime Bureau and An Garda Síochána interviewed an Irish national in relation to the suspected laundering of €1.5 million into an Irish bank account as part of an international €15 million personal protective equipment (PPE) financial scam, contrary to section 7 of the Criminal Justice (Money Laundering and Terrorist Financing) Acts 2010 to 2018.4 The investigation was launched by Irish, German and Dutch Financial Intelligence Units aswell as Interpol, after a German company attempted to purchase 10 million face masks with an approximate value of €15 million from a fraudulent entity who had cloned the website of a legitimate PPE supplier in Spain. The cyber criminals claimed the company was unable to fulfil the order given current demand for PPE and referred the German company to a Dutch supplier, through an Irish intermediary. The German company then placed an order for PPE worth €7.7 million through a website they later discovered was a cloned version of the website of a reputable Dutch supplier, and made a down payment of €1.5 million into a corporate bank account in Roscommon and a payment of €880,000 to the bank account of the fraudulent Dutch company. On 27 March, representatives from the German and Irish companies attended the company office of the legitimate Dutch company, where they were told that no shipment was ever ordered. To date, investigators have traced misappropriated funds to bank accounts in Ireland, the UK, Holland and Nigeria and investigations are ongoing.

It is highly likely that such phishing campaigns will continue and that both national and international health organisations, as well as businesses that operate in that sector, may be impersonated in fraudulent attacks.  It is important that business owners are aware of these risks and have suitable protocols in place to deal with cyber security threats. It is also crucial that employees have an awareness of COVID-19 phishing scams and their reporting obligations in the event that they are targeted by cyber criminals.

These cyber security risks are heightened by the growing numbers of employees working from home as a result of the pandemic. Businesses should be prepared for an increased demand for access to company resources from personal devices and, with that, a potential increase in violations of acceptable use policies, as remote working may see devices used for non-professional purposes such as entertainment purposes by family members. It is likely that incident volumes will increase in relation to COVID-19 related cyber fraud against staff and businesses who are adjusting to a new remote working set up.

How can we help?

The Disputes Group at McCann FitzGerald can assist organisations in addressing their concerns in and around a wide range of regulatory and litigation issues business may face in responding to COVID-19, particularly if your business believes it has been the subject of a cyber attack or is concerned that it may not have sufficient protocols in place. It is important to remember that as highlighted in our briefing on the status of the court system found here, that the courts are open to assist businesses in urgent scenarios, particularly in seeking urgent injunctive relief in respect of fraudulent conduct. 

Alternatively, your usual contact in McCann FitzGerald will be pleased to provide further information.

Also contributed by Katie Ryan.

This briefing is for general guidance only and should not be regarded as a substitute for professional advice. Such advice should always be taken before acting on any of the matters discussed.

Key contacts