Lawmakers combat flood of COVID cyber fraud

Nearly 50 million Americans have filed COVID-19-related complaints with the Federal Trade Commission, and the number of daily complaints to the FBI’s Internet Crime Complaint Center has more than tripled over the past four months, according to FBI Deputy Assistant Director Tonya Ugoretz.

Among the explosion of coronavirus-themed scams, cybercriminals are leveraging the pandemic as bait in phishing and extortion schemes, taking particular advantage of the federal government and states’ move to disperse hundreds of billions of dollars in relief funds to individuals and businesses.

Lawmakers have put forward a number of bills designed to address cyber fraud during and after the pandemic:  

At a June 16 House Financial Services hearing, VMWare Head of Cybersecurity Tom Kellerman urged the Senate to pass existing House legislation that would increase information-sharing efforts between law enforcement, financial institutions and financial regulators.

Kellerman also suggested other legislative proposals, like pushing the Financial Stability Oversight Council to develop a framework for regulating digital currencies, modernizing money laundering and forfeiture regulations to include cryptocurrencies and digital payments and establishing tax credits for fintech companies that dedicate at least 10% of their IT budgets to cybersecurity.

"The cybercrime community has educated themselves as to the interdependencies that exist in the financial sector, and they've begun to commandeer these very interdependencies to manifest criminal conspiracies," Kellerman told the committee.

Kelvin Coleman, Executive Director of the National Cybersecurity Alliance, said that both victims and threat actors are recognizing the value of partnerships. Threat intelligence firms are increasingly finding evidence that ransomware actors and other hacking groups are working together to compromise a broader set of organizations while sharing in the profits. Coleman recommended "game-changing investments" from Congress into cybersecurity awareness and education campaigns to counter those kinds of efforts.

"Bad actors are communicating, bad actors are coordinating, why shouldn't the good guys?" Coleman asked.

This article was first posted to FCW, a sibling site to GCN.

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.


  • Records management: Look beyond the NARA mandates

    Records management is about to get harder

    New collaboration technologies ramped up in the wake of the pandemic have introduced some new challenges.

  • puzzled employee (fizkes/Shutterstock.com)

    Phish Scale: Weighing the threat from email scammers

    The National Institute of Standards and Technology’s Phish Scale quantifies characteristics of phishing emails that are likely to trick users.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.