In April 2020, German health authorities were baffled when they discovered that 2.4 million euros worth of medical masks disappeared. Ten million masks were apparently ordered from two legitimate companies in Zurich and Hamburg, which in turn contacted a website registered in Spain to procure the masks needed when the delivery failed to arrive. The website then guided the authorities to a dealer in Ireland, who in turn referred them to a supplier in the Netherlands. The Dutch company claimed that the initial down payment of 1.5 million euros had not been received and urged an emergency transfer of another 880,000 euros to guarantee the shipment. The masks never arrived and the Dutch company claimed that it had no record of the order or the payment.¹

It was later discovered that the Dutch supplier’s website had been cloned by a criminal organisation. Thus, a collaborative effort to retrieve the money and unmask the scammers ensued with Europol, Interpol, Eurojust, financial intelligence units, banks, as well as authorities in Germany, Ireland and the Netherlands. It was subsequently learned that 500,000 euros had already been transferred to the UK, destined for Nigeria.²

Scams Spread as Fast as COVID-19

The case of the Dutch company is one of a high number of frightening scams that have occurred in Europe following the outbreak of COVID-19. Feeding off the lack of medical equipment in European nations, criminals have tricked governments with phantom shipments related to face masks, hand sanitisers and other supplies.

The UK announced that COVID-19-related fraud jumped 400% in March 2020, with a reported loss of one million euros by the end of that month.³ During the same period, the Belgian government paid five million euros for face masks that never arrived.⁴ By May, the French police had intercepted over 32 million US dollars connected to scams, seizing 438,000 face masks, whilst revealing that 5.7 million masks bought online were part of attempted scams.⁵

However, the substantial impact of such wrongdoings is felt most on citizens who, in the midst of fear and confusion whilst in isolation, have become victims of these deceptions orchestrated by various criminal organisations.

Success Through Fear

People have drastically changed their habits during the months of self-isolation and lockdown. Between March and May 2020, online shopping increased by 129% across the EU and the UK, with the trend continuing until the end of the year as nearly half of all consumers acquired their Christmas presents online.⁶ Strong online activity, coupled with fearmongering caused by the virus and the scarcity of certain products found in shops, were fertile ground for criminals to play on consumers’ fears. These include: fear that one may contract the disease, fear that one is unequipped to deal with the pandemic, fear that one is not abiding with the rules and regulations, fear of isolation and fear that one is powerless to control the situation.

Many online COVID-19-related frauds can be classified into one of the following categories:

• Medical scams and counterfeit medical equipment
• Phishing
• Cloned firms

Medical Scams and Counterfeit Medical Equipment

In 2020, the scarcity of medical equipment during the first phase of lockdowns led to a boom of fraudulent companies and listings online. Masks, caps, drugs and hand sanitisers of dubious origin were sold as the only protection and cure against the virus to hapless consumers, often at inflated prices.⁷ In some cases, face masks were sold for seven times their value.⁸ In Italy, the police managed to stop an online business selling an anti-coronavirus kit that included two masks, two gloves and a PVC suit for the ridiculous price of 400 euros.⁹

To protect consumers, the European Parliament¹⁰ issued guidelines with a series of indications to consider when shopping online. Warning signs include the following:

• Allegations that a product can cure COVID-19 at an exorbitant price
• The use of logos and names of experts, government authorities or other well-known international institutions that endorse the product without any official document or links to official pages
• Claims such as ‘lowest price’, ‘only available today’ or ‘sells out fast’
• Promotional products with slogans linked to the pandemic, e.g. #stayhome or #staysafe
• Websites or products with spelling errors, such as ‘C?V?D?19’ and ‘cor/na?vir?s’, meant to circumvent detection from website operator’s algorithms that track down COVID-19 scams

Phishing

Overpriced and fake goods are not the only danger related to COVID-19 products on the internet. A significant number of websites claiming to sell cures and other merchandise are in fact created by hackers to steal consumers’ personal information and banking details, a crime known as phishing.¹¹

Emails with attached documents purportedly coming from a national authority are also extremely dangerous. German police authorities¹² warned about ‘potentially harmful attachments sent in .docx or .exe formats’ via fake emails sent by health authorities such as the World Health Organization (WHO) and other authorities, institutions and companies. According to ESET, the largest Slovak security company, criminals will utilise messages in emails and websites that evoke strong emotions of fear or panic in the victim, making them more likely to click on a dangerous link or download a malicious attachment.¹³ Europol also warns against fake coronavirus contact tracing apps that when downloaded may infect devices with mobile malware that could take control of files and even lock a smartphone.¹⁴

Cloned Firms

The scheme of cloning firms, such as the aforementioned Dutch company, has been another common trick employed by fraudsters and criminal organisations.

Criminals copy websites of legitimate companies that provide financial services or sell medical equipment by altering or adding one letter or symbol to their URL. To add a sense of legitimacy, the website will even include the real address of the company and real authorisation or registration numbers.¹⁵ The unsuspecting consumer will then land on a cloned website, pay for services or products, and receive nothing in return.

In the UK, it is estimated that over 200 retail investors lost approximately 10 million pounds between March and mid-October 2020 due to cloned firms.¹⁶

The War Against Misinformation and Fraud

The European Commission and the European Parliament are at the forefront of the fight against coronavirus-related online scams. On 20 March 2020, the European Commission along with the Consumer Protection Cooperation Network (CPC) published guidelines designed to help legitimate online platforms identify illegal practices perpetrated on their websites as well as steps to combat them.¹⁷ On 30 April 2020, the CPC network along with the European Commission launched a sweep of COVID-19-related products advertised online, and found numerous rogue traders and misleading advertisements. A second sweep in June found a decline in illicit activities, but numbers were still high.¹⁸ Seventy-three checks were performed on major platforms and it was discovered that one third of them hosted a significant number of questionable products and advertisements.¹⁹

The creation of CPC, the two sweeps and other global actions yielded significant results. Google blocked and removed 200 million COVID-19 ads globally. Facebook removed at least 2.3 million pieces of coronavirus content from its platform and Instagram removed 27,000 posts within the EU in May 2020.²⁰

In November 2020, EU Commissioner Didier Reynders and the CPC met with representatives from 11 online platforms―Allegro, Amazon, Alibaba/AliExpress, CDiscount, Facebook, Google, eBay, Microsoft/Bing, Rakuten, Verizon Media/Yahoo and Wish²¹―to encourage their operators to ‘reinforce their preparedness’ in addressing new scams that emerged during the second wave of the pandemic. Other social media giants such as Twitter and TikTok have also pledged to act against fraudulent and misleading COVID-19-related information, following the EU’s encouragement.²²

A Continuous Battle

Despite the EU’s best efforts, fraudsters and criminals continue to exploit the pandemic by adapting to the fears of the population during COVID-19.

With the vaccine production and rollout, Europol has warned EU member states of the potential rise of fraudulent COVID-19 vaccines sold online and offline. Counterfeit and substandard serums could contain dangerous substances, which may pose health problems or be ineffective against the virus. Adverts for vaccines sold on the darknet and hacking forums have tripled since the beginning of the year with sellers allegedly originating from Spain, Germany, France and Russia.²³

Adverts for vaccines sold on the darknet and hacking forums have tripled since the beginning of the year

Due to the high demand and slow rollout of legitimate COVID-19 vaccines, there is a fear that counterfeit versions will continue to circulate within the market, encouraging people and governments to acquire them from criminal organisations. In March 2021, the European Anti-Fraud Office (OLAF) notified that about one billion fake vaccines worth 14 billion euros have been offered to European governments by shady intermediaries.²⁴

Counterfeit versions of the Pfizer vaccine were identified in Poland in April 2021. A spokesperson of the pharmaceutical company stated that there will be an increase in COVID-19 fraud and counterfeit activity ‘fueled by the ease and convenience of e-commerce and anonymity afforded by the Internet.’²⁵

As the fight against COVID-19 persists, criminals continue to find innovative ways to exploit peoples’ fears over the pandemic. Forged vaccine cards and negative COVID-19 test certificates that would allow people to go back to normality have begun to appear on darknet markets for hundreds of euros.²⁶

Aside from monetary gain, criminals are interested in the victim’s data and identity.²⁷ With online activity and consumption forecasted to continue rising following the pandemic, personal data will remain a lucrative business for criminal organisations, resulting in an increase of impersonations, financial fraud, hacking and the sale of said data on dark web forums.

Compliance officers and AML analysts have a weapon against these crimes—knowledge

Compliance officers and AML analysts have a weapon against these crimes—knowledge. Being up to date with COVID-19 scams, such as phishing or cloned firms, can help compliance professionals detect and stop perpetrators in time. Shared knowledge among clients and their financial institution can reduce fraud victims. Lastly, prevention may be EU’s best protection against COVID-19 scams.

Stefano Siggia, CAMS, senior consultant, Pideeco, Belgium, stefano@pideeco.be

1. Will Neal, “Germany’s Million Mask Scam Foiled as Organized Crime Goes Online,” Organized Crime and Corruption Reporting Project, 16 April 2020, https://www.occrp.org/en/daily/12123-germany-s-million-mask-scam-foiled-as-organized-crime-goes-online
2. “Unmasked: International Covid-19 fraud exposed,” INTERPOL, 14 April 2020, https://www.interpol.int/en/News-and-Events/News/2020/Unmasked-International-COVID-19-fraud-exposed
3. Seana Davis, “COVID-19: Authorities across Europe warn of coronavirus-related scams,” Euronews, 23 March 2020, https://www.euronews.com/2020/03/23/covid-19-authorities-across-europe-warn-of-coronavirus-related-scams
4. “Belgium launches fraud investigation over missing coronavirus masks,” The Bulletin, 15 March 2020, https://www.thebulletin.be/belgium-launches-fraud-investigation-over-missing-coronavirus-masks
5. “Italy deaths top 30,000, France scuppers $32m scams: Covid-19 daily bulletin,” CGTN, 8 May 2020, https://newseu.cgtn.com/news/2020-05-08/Russia-cases-soar-Denmark-reopening-VE-Day-quiet-COVID-19-bulletin-QkqwgEn5GU/index.html
6. Paul Skeldon, “Online shopping surges by 129% across UK and Europe and ushers in new customer expectations of etail,” Internet Retailing, 22 April 2020, https://internetretailing.net/covid-19/covid-19/online-shopping-surges-by-129-across-uk-and-europe-and-ushers-in-new-customer-expectations-of-etail-21286; “Holiday spending to take a Covid-19 blow this year,” Consultancy.eu, 21 December 2020, https://www.consultancy.eu/news/5426/holiday-spending-to-take-a-covid-19-blow-this-year
7. “Covid-19: watch out for online scams and unfair practices,” News European Parliament, 7 April 2020, https://www.europarl.europa.eu/news/en/headlines/society/20200402STO76414/covid-19-watch-out-for-online-scams-and-unfair-practices
8. Ana Lazaro, Jack Parrock, “EU steps up pressure on online sellers over coronavirus scams,” Euronews, 17 April 2020, https://www.euronews.com/2020/04/17/eu-steps-up-pressure-on-online-sellers-over-coronavirus-scams
9. “Italian police uncover online coronavirus fraud,” Reuters, 4 March 2020, https://www.reuters.com/article/us-health-coronavirus-italy-police/italian-police-uncover-online-coronavirus-fraud-idUSKBN20R2XF
10. “Scams related to COVID-19,” European Commission, 3 April 2020, https://ec.europa.eu/info/live-work-travel-eu/consumer-rights-and-complaints/enforcement-consumer-protection/scams-related-covid-19_en
11. Seana Davis, “COVID-19: Authorities across Europe warn of coronavirus-related scams,” Euronews, 23 March 2020, https://www.euronews.com/2020/03/23/covid-19-authorities-across-europe-warn-of-coronavirus-related-scams
12. Ibid.
13. Lucia Yar, “Phishing emails, trojans and spam in the age of coronavirus,” Euractiv, 19 March 2020, https://www.euractiv.com/section/digital/news/phishing-emails-trojans-and-spam-in-the-age-of-the-coronavirus/
14. “Covid-10: Fraud,” Europol, https://www.europol.europa.eu/covid-19/covid-19-fraud
15. Laura Slattery, “Covid-19 scams: how the pandemic has been Christmas for fraudsters,” THE IRISH TIMES, 30 June 2020, https://www.irishtimes.com/business/personal-finance/covid-19-scams-how-the-pandemic-has-been-christmas-for-fraudsters-1.4289404
16. “Scammers fool Britons with investment firm clones, says trade body,” Arab News, 28 November 2020, https://www.arabnews.com/node/1769491/business-economy
17. “Covid-19: watch out for online scams and unfair practices,” News European Parliament, 7 April 2020, https://www.europarl.europa.eu/news/en/headlines/society/20200402STO76414/covid-19-watch-out-for-online-scams-and-unfair-practices
18. “Scams related to Covid-19,” European Commission, 3 April 2020, https://ec.europa.eu/info/live-work-travel-eu/consumers/enforcement-consumer-protection/scams-related-covid-19_en
19. “Coronavirus: EU Consumer Protection authorities and the Commission complete checks to protect consumers from online scams,” European Commission, 29 July 2020, https://ec.europa.eu/info/news/coronavirus-eu-consumer-protection-authorities-and-commission-complete-checks-protect-consumers-scams-online-2020-jul-29_en
20. Ibid.
21. “Coronavirus: Commission urges online platforms to collaborate and continue fighting consumers scams,” European Commission, 6 November 2020, https://ec.europa.eu/info/news/coronavirus-commission-urges-online-platforms-collaborate-and-continue-fighting-consumer-scams-2020-nov-06_en
22. John Chalmers, “EU warns of new wave of consumer scams amid COVID resurgence,” Insurance Journal, 9 November 2020, https://www.insurancejournal.com/news/international/2020/11/09/589989.htm
23. Joe Tidy, “Covid-19: Vaccines and vaccine passports being sold on darknet,” BBC, 23 March 2021, https://www.bbc.com/news/technology-56489574
24. Gabriela Baczynska, “Fraudsters offer 1 billion COVID-19 doses across EU, agency warns,” Reuters, 1 March 2021, https://www.reuters.com/business/healthcare-pharmaceuticals/fraudsters-offer-1-billion-covid-19-doses-across-eu-agency-warns-2021-03-01/
25. Sasha Pezenik, “Pfizer identifies counterfeit COVID-19 vaccine in Mexico, Poland; warns of increase in fraud,” ABC News, 21 April 2021, https://abcnews.go.com/Health/pfizer-identifies-counterfeit-covid-19-vaccine-mexico-poland/story?id=77225113
26. Joe Tidy, “Covid-19: Vaccines and vaccine passports being sold on darknet,” BBC, 23 March 2021, https://www.bbc.com/news/technology-56489574
27. Ibid.