The novel coronavirus (COVID-19) pandemic has opened the floodgates to scam artists attempting to profit from sick, anxious and financially vulnerable Americans. On the frontlines fighting fraud are the Federal Trade Commission (FTC), U.S. Justice Department (DOJ) and other government agencies. Here are some of the fraud schemes they’re actively investigating — and the perpetrators they’ve rounded up.
Peddling false hope
The FTC has sent warning letters to almost 100 businesses for making scientifically unsubstantiated claims about their products. Companies from California to Virginia, Indiana to Florida have touted (mostly online or by phone) “treatments” for COVID-19, even though the federal government hasn’t approved any vaccines or cures for the disease.
Letter recipients must stop making deceptive claims immediately and notify the FTC within 48 hours about the actions they’ve taken. Noncompliance can result in a federal court injunction and an order to refund deceived customers. Just last week, the FTC took the seller of a “wellness booster” to court. Originally, the product — capsules containing Vitamin C and herbal extracts — had been marketed as a cancer cure. But the enterprising fraudster pivoted in March 2020 to exploit COVID-19 fears.
Producers and marketers of fake cures aren’t the only companies under scrutiny. The FTC, in joint letters with the Federal Communications Commission, has warned several Voice over Internet Protocol (VoIP) service providers for “assisting and facilitating” illegal telemarketing and robocalls related to COVID-19. This is a violation of the FTC’s Telemarketing Sales Rule.
The DOJ has also come down on several VoIP providers for knowingly transmitting robocalls from “government officials.” Although there’s uncertainty about whether VoIP and similar services can be considered liable for the actions of their users, law enforcement officials are clearly serious about taking down those who would exploit the pandemic for personal gain.
Government agencies also have their sights on smaller, opportunistic scams. Recently, the FTC warned consumers to beware of fake COVID-19 testing sites set up in parking lots with realistic looking signs, tents and workers. Not only have these criminals obtained Social Security and credit card numbers from test-seekers, but they may have helped spread contagion through unsanitary contact with them.
And the DOJ is raising the alarm about the role cryptocurrency is playing in many COVID-19 schemes. Everyone from snake-oil sellers to bad-investment promoters are asking their victims to pay with cryptocurrency. Therefore, it should be recognized as a red flag.
How to stay safe
Many fraud schemes present since the start of the COVID-19 crisis in the United States — small business loan scams, charity fraud and attempts to steal stimulus payment checks — also continue apace. Your best defense, as always, is to hang up on suspicious calls, delete fake-looking emails and be wary of any claims that sound too good to be true. If you encounter fraud, report it to ftc.gov.
© 2020 Covenant CPA
Before the novel coronavirus (COVID-19) pandemic struck, employees who suspected occupational fraud in their organizations had multiple options for notifying their employers. For example, they could use interoffice mail to send information anonymously or meet with HR personnel in person.
Reporting options for employees working from home are more limited — particularly if they wish to remain anonymous. The current working environment only highlights the necessity for a fraud hotline or online portal that workers can access anywhere, anytime. If your business doesn’t already offer a confidential reporting mechanism, start thinking about how you can establish one.
Confidential fraud hotlines are one of the best ways to nab workplace criminals. The Association of Certified Fraud Examiners has determined that the average organization with a hotline discovers fraud within 12 months, versus 18 months for those without hotlines. Hotlines also limit losses — $98,000 less in losses for employers that offer them.
One of the reasons hotlines are important is because, in most cases, subordinates or coworkers know or suspect fraud long before owners or members of upper management do. Yet they may not say anything for fear of reprisal. Anonymity, therefore, is essential.
Establishing a hotline doesn’t have to be hard, but it does require some planning. Consider taking the following steps:
Identify an executive sponsor. Your hotline or portal will require a modest expenditure. If you aren’t the company’s owner or a financial decisionmaker, identify an executive sponsor to make the case for the investment.
Develop a project charter. A charter documents the business benefits of deploying a hotline or portal — for example, reducing financial losses and empowering employees.
Form a steering committee. In addition to executives and technology experts, include legal and HR representatives. They can help ensure that the processes you put in place don’t violate employee rights and applicable laws.
Review technology options. Determine your business’s needs and identify the vendors that can meet them. Learn which systems similar companies use or ask your financial and legal advisors for suggestions.
Up and running
Once you launch an anonymous reporting channel, make sure you position it so that all employees and other stakeholders can access it easily. If, for example, you company has overseas operations, work with local experts to overcome language, cultural and other barriers that might prevent workers from using a hotline.
And be sure to publicize your reporting mechanism at every appropriate opportunity. Executives might routinely mention it in all-company emails and in public speeches, and you should provide information (and links, if applicable) in your employee handbook and on your intranet. For help putting a hotline or portal in place, contact us.
© 2020 Covenant CPA
Many businesses were unprepared when the novel coronavirus (COVID-19) pandemic required them to close their physical offices and shift to remote operations. Your company, for example, may have had to scramble to set up a virtual private network (VPN) or move files to the cloud. And while adapting to working from home, employees may have let your usual security procedures slide.
From a cybercrime perspective, working from home generally isn’t as safe as working in the office. So you need to look for ways to protect your disbursed workforce and prevent criminals from gaining access to your digital assets.
Here are five ideas:
- Invest in education. Require remote employees to participate in security-related training that covers “old-school” phishing scams as well as new COVID-19 variations. As schemes emerge (check the Federal Trade Commission’s website at ftc.gov for the latest), notify employees and remind them what to do if they think they’ve fallen victim to a scam.
- Enable automatic updates. To keep the operating systems of employee computers safely patched, remind workers to enable automatic software updates. Also, double-check that every employee-assigned device is fortified with current malware and antivirus software.
- Revisit access privileges. To maintain productivity, most employees need access to the same systems at home as they had in the office. However, consider reviewing which workers have access to certain files, network controls and cloud accounts — and whether they really need access now. Remember that when employees work from home, their partners, children and visitors may have easy access to their computers. To protect your company, ensure systems generate user audit trails that can be followed in the event of a breach.
- Protect WiFi connections. While working from home, employees use their personal WiFi connections to access your company’s IT environment. Unfortunately, many people use the default WiFi password or a simple password that hackers can easily break. To foil fraud perpetrators, employees should change it to a complex combination of letters and other characters. If possible, require them to use a VPN with two-factor authentication.
- Secure your videoconferences. Most videoconferencing services employ multiple layers of security. But some platforms offer greater protection than others. Before choosing one, perform a simple Google search to read user reviews and security bug reports. Once you’ve selected a service, communicate security protocols before allowing employees to use it for company business.
Finally, provide employees with access to a technical support desk so they can report problems — and get solutions — as quickly as possible. Working from home may be new for a lot of Americans, but fraud is a familiar foe for most. If can be defeated with appropriate knowledge and tools.
© 2020 Covenant CPA
Paying workers “under the table” or with cash can save businesses a bundle in taxes. But the potential consequences are grave. Not only is this practice illegal and could result in severe financial penalties, but it also shortchanges employees.
The novel coronavirus (COVID-19) pandemic has made this abundantly clear. As many laid-off workers who were paid under the table have learned, they don’t qualify for unemployment benefits if their state has no record of their employer contributing to the insurance pool. They may have trouble getting other financial assistance as well. You should protect your business and its workers by following the rules.
Paying the piper
In general, compensation is subject to federal income and employment taxes, as well as taxes that may be assessed on state and local levels. Employees are personally responsible for federal income tax on their wages, and both employees and employers are responsible for paying employment taxes.
The main employment tax, mandated by the Federal Insurance Contributions Act (FICA), comprises three elements:
1. A 6.2% OASDI, or Old-Age, Survivors and Disability Insurance (or Social Security tax),
2. A 1.45% Hospital Insurance (HI) tax on all wages (known as the Medicare tax), and
3. An additional 0.9% Medicare surtax on wages exceeding $200,000 for single filers and $250,000 for joint filers.
Employers must also pay unemployment tax under the Federal Unemployment Tax Act (FUTA). That tax is 6% on the first $7,000 of wages, but it may be effectively reduced to as little as 0.6% due to credits for state unemployment programs.
Employers’ responsibilities usually extend beyond taxes. You may be required to pay overtime and provide benefits to employees — ranging from qualified retirement plans to family medical leave time — all governed by federal laws. Employees without such benefits who become sick with COVID-19 don’t qualify for paid leave. They may be forced to work anyway to support their families and, thus, spread the infection further.
To support employees in the event they’re laid off, employers often must pay for different types of employee insurance, including Workers’ Compensation, unemployment insurance and, depending on the state, disability insurance. In addition, the Affordable Care Act imposes minimum health insurance coverage requirements on employers with 50 or more full-time employees (and full-time equivalent employees).
Note: These warnings don’t apply to workers who are legitimate independent contractors. Contractors, who work for themselves, are responsible for paying their own taxes and providing their own benefits. But you must properly handle these workers by meeting certain tests in order to have them classified as independent contractors.
Consider the real cost
Paying taxes and providing benefits to employees are necessary costs of doing business. While they take a chunk out of your bottom line, not paying them can cost you, your workers and, ultimately, the general economy, even more. Contact us for help managing expenses and reducing taxes legally.
© 2020 Covenant CPA
The coronavirus (COVID-19) pandemic may pose a double whammy for seniors. The elderly are considered the most vulnerable population for medical complications associated with the virus. They’re also prime targets for COVID-19 scams. If you’re a senior — or have elderly relatives and friends — read and share the following information.
Everyone a potential victim
There’s nothing new about fraud perpetrators attacking seniors, who may be less savvy about phishing emails and online scams and more trusting of strangers. As a study conducted by the FINRA Investor Education Foundation and several other groups found, a major risk factor for losing money to scams is social or physical isolation, which is more common among the elderly.
Of course, during the current crisis, everyone’s a potential fraud victim. As with all consumers, seniors should watch out for:
- Emails promoting vaccines and cures that contain malware-laced attachments,
- Fake charities soliciting donations,
- Scams that promise high returns for investing in COVID-19-related stocks, and
- Requests for personal information or a fee to receive an economic impact payment from the federal government.
Senior benefit scams
Some scams are tailor-made for older Americans. For example, the nonprofit Senior Medicare Patrol warns that perpetrators are contacting Medicare recipients and offered sham COVID-19 tests and treatments in exchange for Medicare numbers or money. It’s important to remember that actual government agencies will never call and ask for personal or payment information. As Medicare.gov instructs, “if someone calls asking for your Medicare Number, hang up!”
With local Social Security Administration (SSA) offices temporarily closed, scammers are also trying their luck with benefit payment recipients. The SSA states emphatically that, “any communication that says SSA will suspend or decrease your benefits due to COVID-19 is a scam, whether you receive it by letter, text, email, or phone call.” You can report suspicious contacts at oig.ssa.gov.
Fraud perpetrators have also updated several old frauds for the COVID-19 age — including the classic “grandchild” scam. You could receive a phone call claiming that a grandchild is sick or in trouble and needs your help. Fraudsters usually ask for payment via a gift card and instruct you to act fast. Gather facts from the caller, then hang up and verify the information with other relatives. Chances are, your grandchild is just fine.
Also be wary of anyone using the virus to pitch home services. If someone offers to clean and sanitize your home, check the business’s reputation online or with the Better Business Bureau and make sure you don’t pay the service provider until the job is complete. As an extra precaution, you might invite a friend or relative to be with you when cleaners are in your home.
This is an anxious time for everyone, but elderly Americans need to be on guard even more than other segments of the population right now. If someone attempts to scam you or a family member, contact law enforcement and, if applicable, the proper government agency. Reporting these crimes is essential to stemming senior-targeted fraud.
© 2020 Covenant CPA
Like the coronavirus (COVID-19) pathogen itself, incidents of COVID-19 fraud are surging and financial losses are piling up. The Federal Trade Commission (FTC) reports that the number of 2020 COVID-19-related complaints doubled in just one recent week. As of March 31, losses attributed to the outbreak stood at $5.9 million. Here are some of the scams criminals are perpetrating.
Although travel and vacation company disputes top the FTC’s most recent list of COVID-19 complaints, most of these relate to cancellations and refunds, not fraud. Much more worrying for American consumers are the many online vendors hawking suspect treatments and tests. On March 9, the FTC sent warning letters to seven companies advertising everything from virus-fighting tea to essential oils. The Commission has informed companies that don’t immediately cease making such false claims that they face legal action.
For the record, the Food and Drug Administration hasn’t approved any vaccines, drugs or at-home tests as effective in the fight against the virus. Fortunately, it’s relatively easy to protect yourself from ineffective and potentially dangerous products. Simply ignore pitches that sound too good to be true.
If you want to get tested for COVID-19, visit the Centers for Disease Control and Prevention’s (CDC’s) website at cdc.gov for information. Contact your healthcare provider directly if you’re experiencing symptoms of the disease.
Law enforcement on the case
The FBI and U.S. Attorney’s office are also closely tracking COVID-19 fraud. A recently assembled task force warns consumers and businesses about several novel scams, including:
App malware. Fraudsters are creating new — and hacking existing — mobile apps that supposedly provide COVID-19 data. In fact, the apps are infected with malware that gathers financial and personal information.
Healthcare provider scams. Some people have received calls from a “doctor” or “hospital” that claims it treated a family member and demands payment. Know that recent federal legislation makes most COVID-19 testing and treatment free.
Hot stocks. There’s nothing new about investment scams, but con artists are using the pandemic to promote dubious stocks. You might hear, for example, that a pharmaceutical company’s stock will soon go through the roof because it has a miracle drug in the pipeline. Bottom line: Check with a trusted advisor before investing your money.
As always, exercise caution when answering the phone, opening email and reading texts. These days, scammers may claim to represent the CDC or another government agency to try to con you out of money or personal information. When in doubt, be skeptical. And if you believe you’ve fallen for a scam or are worried about protecting your assets or your business from fraud, contact us.
© 2020 Covenant CPA
Scam artists know how anxious business owners are during the current coronavirus (COVID-19) crisis. They know that as you struggle to meet customer demands, pay employees and stay solvent, you’re more likely to drop your guard and fall for a fraud scheme. The last thing your business needs right now is to suffer additional financial losses. So keep an eye out for the following scams:
Fake suppliers. Whether you’re a manufacturer seeking raw materials or a grocer desperate to keep shelves stocked, you may have trouble getting your usual supplies. If a regular supplier is temporarily — or permanently — shut down, be careful about doing business with unknown vendors. Many authentic-looking websites are, in fact, fronts for criminal operations, and if you place an order with them, you may never receive the goods. Also be wary of cold callers promising to source hard-to-get items. If it sounds too good to be true, it probably is.
Defective goods. Even if you do receive your supply order, there’s a chance its contents will be defective. In early March, an international team of law-enforcement agents arrested 121 criminals around the world who were selling counterfeit surgical masks, hand sanitizer and other in-demand products. Depending on your business, buying defective goods could be an expensive mistake — or a public health emergency.
Payment fraud. Online payment fraud was already growing aggressively. But COVID-19 is expected to throw fuel on the fire as more people turn to home services apps, such as those for food delivery and online learning. Consumers usually don’t pay when their stolen credit cards are used to make purchases. But businesses generally do. You’re likely to be held responsible for fraudulent transactions, as well as possible chargeback fees. So be vigilant about maintaining IT security. Retailers might consider adding an Address Verification Service, which confirms a cardholder’s billing address with the card company.
Google scam. Fake robocalls claiming to come from Google have circulated for several years. Now there’s a COVID-19 twist. The recorded message tells businesses “affected by the coronavirus” that they need to ensure their Google listing is correct so that customers can locate them during the pandemic. If you speak to someone, he or she may ask for payment to list your business or try to gain confidential information. Know that Google never makes unsolicited sales calls. If someone tries to convince you otherwise, hang up.
Unfortunately, these schemes represent only the tip of the iceberg. For the latest on COVID-19-related fraud, visit the Federal Trade Commission’s “Business Center” at ftc.gov/tips-advice/business-center. Or contact us.
© 2020 Covenant CPA
As governments around the globe mobilize to defend their populations from the novel coronavirus (COVID-19), criminals are also mobilizing — to fleece people. These opportunists have already found ways to use the fear and chaos associated with the pandemic to enrich themselves. But you can protect yourself and your business.
Phishing emails that promise valuable information about the virus have been circulating for weeks. Fake COVID-19 websites loaded with malware have also popped up everywhere. And as many Americans start working from home, often on vulnerable home networks and devices that lack the latest security updates, hacking incidents are becoming more common.
The federal government’s plan to send checks to Americans to help boost the economy will almost certainly bring scammers out in force. The Federal Trade Commission has already warned that crooks may try to convince people they must pay a fee to receive their checks from the government — which isn’t true.
So how do you protect yourself or your business in these troubled times? Here are a few essentials:
Let phone calls go to voicemail. The best way to fight off phone scammers is to not answer the phone if you don’t recognize the number. But if you do answer, be wary of anyone making promises about, for example, interest-free loans or mortgage payment forbearance. If you need financial help, contact government agencies, charities and financial-service providers directly.
Keep your inbox clean. Along the same lines, exercise caution when opening emails, particularly if you don’t recognize the sender’s name. (Keep in mind, however, that hackers can hijack a friend’s account and send malicious emails to you in that person’s name.) Right now, scammers are likely to use enticing subject lines such as “Cure for COVID-19” or “Make big $$$ working from home.” If you open one of these emails by mistake, don’t click on any links or attachments.
Beware of charity fraud. Charity schemes are a time-tested method for stealing money from generous individuals and companies that just want to help. While you’re encouraged to donate money to organizations fighting COVID-19 and assisting its victims, give only to reputable charities you know. If you aren’t familiar with a nonprofit, ask for its tax ID number and verify it with the IRS. You’re also encouraged to research the organization on watchdog sites such as Charitynavigator.com and Charitywatch.com.
Just say “no”
Most Americans are pulling together to fight COVID-19. However, some criminals view the pandemic as an opportunity to profit, so you need to maintain healthy skepticism. If you’re suspicious, hang up, delete or just say “no.”
© 2020 Covenant CPA
The investment “opportunity” could be anything from a new nutritional supplement to a foolproof method for “flipping” houses. But if the investment or product is advertised as “easy money” or promises immediate high earnings, beware. Although there are plenty of legitimate business opportunities out there, there are also plenty of fraudulent schemes that exist for no other reason than to steal your money.
Simple or complicated
These schemes can be relatively straightforward. For example, one New York state man was convicted of enticing investors to sink $10,000 each into a vending machine distribution business he promised would be profitable — even though it was set up to fail.
But they can also take the form of complicated pyramid schemes that generally offer no actual product or service and are sustained by constantly recruiting new participants. Often, these schemes are couched as “clubs” or “gift programs” and promoted through social networks. Whatever they’re called, they usually end the same way: When the pyramid collapses, only the “founders” walk away with any money.
To assist potential investors, the Federal Trade Commission (FTC) has established a Business Opportunity Rule. Among other things, the rule requires sellers to produce a disclosure document and to detail any earnings claims in a separate statement.
Sellers also must disclose prior civil or criminal litigation involving claims of misrepresentation, fraud, securities law violations, or unfair or deceptive business practices; outline any cancellation or refund policy; and provide references nearest to the potential buyer’s location. Furthermore, the disclosure document must be written in the language in which the buyer and seller discussed the opportunity. For more about the rule, visit ftc.gov.
In practical terms, you can protect yourself by studying the disclosure document, earnings claim statement and proposed contract, looking for potential loopholes that might benefit the seller at your expense. For example, are start-up costs particularly high? Is the seller required to buy back inventory you’re unable to sell or would you be out-of-pocket?
Other tips to protect your money:
- Research the seller’s history and reputation online and check for complaints with the Better Business Bureau. (Note that the absence of complaints doesn’t necessarily mean the seller is aboveboard.)
- Find out if there’s an actual market for the business’s products or services.
- Talk to current investors or participants and ask tough questions.
- Ask your legal and financial advisors to review any documents you don’t understand, including the contract.
When to walk away
If you suspect a business opportunity is fake, turn it down. Then report it to your state attorney general’s office, your county or state consumer protection agency, and the FTC. But if you’re unsure about the legitimacy of an offer, contact us. We can help you evaluate it.
© 2020 Covenant CPA
Every time your business interacts with customers is an opportunity to build trust. And it’s an opportunity you can’t afford to neglect. Look at customer data. When customers hand over personal and financial data to your company, they expect you to do everything in your power to protect it from hackers — as well as non-criminal third parties. If you don’t? Just look at some of the companies affected by major data breaches.
Provide fraud notices
Unless you run a cash-only business, you collect financial data from you customers every time you process transactions. If you offer credit accounts to business customers, you probably collect even more information. You’re obliged to ensure this data doesn’t fall into the hands of thieves and fraud perpetrators.
Consumers don’t need to understand the inner workings of your fraud prevention efforts. However, they must trust that you have an effective program in place. Provide notices on your website and train customer service representatives to answer questions about your fraud prevention program. If you require customers to use passwords or answer questions to prove their identities online, explain why these steps are necessary.
Explain how you share data
Criminal activity isn’t the only thing customers worry about. Increasingly, they want to know how businesses willingly share — and often profit from — their data. Given the patchwork of data privacy regulations, most consumers know little about the laws and regulations governing businesses. In layman’s terms, briefly summarize which ones cover your company’s activities, as well as your commitment to honoring the spirit and intent of them. Note that if you have customers in the European Union (potentially any company with a website), you need to comply with the EU’s stringent data protection laws.
As a general best practice, don’t collect any more data from customers than you absolutely need. If you intend to share it with third parties, inform customers at the time you request the data and allow them to opt out, if possible. Keep in mind that some customers will probably go elsewhere if they know you plan to share their data or if your business model is largely based on sharing data. Nevertheless, transparency is critical.
All about communication
Whether you’re trying to prevent fraud or share data with third parties responsibly, keep your customers informed. Good interpersonal relationships are based on trust — and that’s just as true for business relationships.
© 2020 Covenant CPA