Law360 (July 30, 2020, 4:04 PM EDT) -- The Financial Crimes Enforcement Network warned financial firms Thursday to be particularly vigilant in their dealings with virtual currencies amid an increasing wave of COVID-19-related cybercrime.
FinCEN offered a list of 20 red flags firms can identify to help catch a range of web-based phishing, money laundering and extortion schemes that cybercriminals are perpetrating, often exploiting the pandemic using convertible virtual currencies, or CVCs, which include popular cryptocurrencies such as Bitcoin.
"Financial institutions dealing in CVC should be especially alert to the potential use of their institutions to launder proceeds affiliated with cybercrime, illicit darknet marketplace activity and other CVC-related schemes," FinCEN said.
The alert referenced the recent Twitter hack that targeted high-profile individuals and companies, from Joe Biden to Elon Musk, Apple to Uber, which included a fake Tweet from the ride-hailing company requesting Bitcoin donations it would match in the name of COVID-19.
"Cybercriminals are ... distributing malware, including ransomware, through phishing emails, malicious websites and downloads, domain name system (DNS) hijacking or spoofing attacks, and fraudulent mobile applications," according to the FinCEN alert.
"These techniques can be applied in broader campaigns involving social media, such as the recent exploit targeting Twitter and prominent users of the platform."
Red flags for so-called phishing or malware also include email addresses that don't match the sender, unsolicited emails with attachments, text messages with embedded links and irregular URLs that don't use common endings such as ".com," ".org" or ".us," FinCEN said.
The agency noted that the remote work environment brought by the pandemic has made firms and their clients particularly susceptible to cybercrimes.
When it comes to criminals accessing websites and accounts, FinCEN pointed to red flags including blurry, low-resolution or manipulated identification pictures; account information that doesn't match the ID; IP addresses that don't match a client's home state; and multiple failed login attempts.
The agency also warned of extortion of individuals and companies involved with the pandemic response, adding that it expects extortion will "continue to grow in the wake of the COVID-19 pandemic."
"Criminals are threatening to expose victims and their families to COVID-19 if they do not pay the extortion fee," according to the alert. "In almost all cases, criminals require ransomware-related extortion payments to be made in CVC."
FinCEN added that firms should take a "risk-based" approach in their assessments of potential cybercrimes in line with their procedures surrounding the Bank Secrecy Act, which requires that institutions detect and alert the government to potential money laundering.
"No single financial red flag indicator is necessarily indicative of illicit or suspicious activity," according to the alert.
The assessment should include whether transactions are in line with a client's account history and the number of red flags the client raises, FinCEN said.
--Editing by Stephen Berg.
For a reprint of this article, please contact firstname.lastname@example.org.