The government and a cybersecurity expert are warning about fresh stimulus payment scams.
The Financial Crimes Enforcement Network (FinCEN), part of the U.S. Department of the Treasury that combats financial crimes, listed some of the most common Economic Impact Payment (EIP) fraud in a recent advisory.
The stimulus payments are the third and largest to date of the Coronavirus relief packages over the last 12 months.
Fraudsters send fraudulent checks with instructions to call a number or verify information online. Then the bad guys ask for personal or banking information "under the guise that the information is needed to receive or speed up their EIP," FinCEN's advisory said. The information is then used to commit crimes such as identity theft and the unauthorized access of bank accounts.
Theft of payment
These thefts can include stealing an EIP from the U.S. mail, requesting a payment for an ineligible person, or seeking another person’s payment without the payee’s knowledge, according to FinCEN.
Inappropriate seizure of payments
A private company that controls a person’s finances seizes a person’s EIP and does not return the seized payments.
Fraudsters engage in phishing – seemingly authentic communications from banks and other trusted entities – using emails, letters, phone calls, and text messages containing keywords such as "COVID-19" and "Stimulus." The goal is to obtain sensitive personal and financial account information such as account numbers and passwords.
"We’ve seen these attacks play out before," Evan Reiser, CEO of cybersecurity firm Abnormal Security, told Fox News, referring to phishing attacks.
"When the first stimulus payments were released in April 2020, scammers launched a phishing campaign that impersonated the IRS, claiming that stimulus checks would be withheld unless the recipient updated their address information," Reiser said.
Victims were directed to a fake IRS log-in page that asked for credentials in order to update the requested information and receive a check.
"Those who fell victim to the attack effectively gave away their user names, passwords… which could allow attackers to steal the stimulus check and/or inflict additional financial damage," Reiser said.
The schemes target the most vulnerable Americans who have been laid off or had hours reduced, according to Reiser.
Some of the most widespread scams are so-called "out-of-domain impersonation" techniques where scammers run fraudulent websites that appear to be legitimate.
Small tweaks in domain names – for example, adding an "s" to the end of a domain name – make them appear legitimate.
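A mail filter can catch near-miss domains like these by comparing each sender domain against a list of trusted ones. The Python below is an added example, not part of the original article; the trusted list, the sample domains and the function names are constructed for illustration, and it also flags a trusted name buried at the front of a longer hostname, which goes beyond the single-letter case mentioned above.

```python
# Added example. TRUSTED and every sample domain are constructed.
TRUSTED = {"examplebank.com", "example-credit-union.org"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: insert, delete and substitute each cost 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # drop ca
                           cur[j - 1] + 1,             # add cb
                           prev[j - 1] + (ca != cb)))  # swap ca for cb
        prev = cur
    return prev[-1]


def registrable(domain: str) -> str:
    """Last two labels; assumes single-label suffixes such as .com or .org."""
    return ".".join(domain.split(".")[-2:])


def classify(sender_domain: str, max_distance: int = 2):
    """Return (verdict, matched trusted domain or None)."""
    full = sender_domain.lower().rstrip(".")
    dom = registrable(full)
    if dom in TRUSTED:
        return ("trusted", dom)
    for good in sorted(TRUSTED):
        # Near miss: one or two character edits, e.g. an added "s".
        if edit_distance(dom, good) <= max_distance:
            return ("lookalike", good)
        # Trusted name used as leading labels of some other domain.
        if ("." + good + ".") in ("." + full):
            return ("lookalike", good)
    return ("unknown", None)


if __name__ == "__main__":
    for d in ["mail.examplebank.com", "examplebanks.com",
              "examplebank.com.account-verify.net", "unrelated-shop.net"]:
        print(d, classify(d))
```

A "lookalike" verdict is a reason to quarantine or warn, not proof of fraud, since short legitimate domains can sit within two edits of each other.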