Protecting data from “COVID” fraud

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Fed Tech Talk’s audio interviews on Apple Podcasts or PodcastOne.

By now, everybody in the federal government community knows that 80% of the workforce is remote and there has been a drastic increase in the amount of Internet traffic. What may not be so obvious is the increase in risk and fraud that is associated with that increase.

Head shot of George Freeman
George Freeman, Lexis Nexis Risk Solutions

The issue boils down to the fact that malicious actors can present as valid email addresses. Many call this spoofing. In a perfect combination, a federal professional can get an email that certainly looks valid asking them to click on a link. Classic phishing on display here.

Here is the scenario – in today’s remote world, you are on a Zoom meeting and get what looks like a valid email from a team member asking for emergency action. Of course, they will comply, and fall into the trap. Recent stories suggest over $77 million has been lost to what is called “COVID” fraud.

George Freemen is a solutions consultant at Lexis Nexis Risk Solutions and he tells host John Gilroy on this week’s Federal Tech Talk that the identification level must go beyond a mere email address. During the interview, he suggests that systems can be used to see patterns of behavior to validate an identity.

The range of waste, fraud, and abuse is amazing. Malcontents have perpetrated a fraud on the federal level from the Paycheck Protection Program (PPP) to the IRS sending stimulus checks to the deceased.