The U.S. Secret Service has created the Cyber Fraud Task Forces (CFTFs), aimed at preventing, detecting and mitigating complex cyber-enabled financial crime – including making arrests and convictions.
The CFTF is the result of a formal merging of two of the Secret Service’s existing units into a single unified network. The Electronic Crimes Task Forces (ECTFs) and the Financial Crimes Task Forces (FCTFs), the division said in a recent media statement. The driver for the move is the fact that online cybercrime and financial fraud have converged to the point that it’s impossible to address one without including the other, it said.
“In today’s environment, no longer can investigators effectively pursue a financial or cybercrime investigation without understanding both the financial and internet sectors, as well as the technologies and institutions that power each industry,” officials said. “Secret Service investigations today require the skills, technologies and strategic partnerships in both the cyber and financial realms.”
In fact, nearly all of the Secret Service’s traditional financial crime investigations make use of digital evidence, and the group acknowledged that increasing technological sophistication on the part of bad actors has led to a proliferation of blended cyber-enabled financial crimes. Those include business email compromise (BECs) scams, ransomware attacks, data breaches and the sale of stolen credit cards and personal information on the internet.
“The creation of the new Cyber Fraud Task Forces (CFTF), will offer a specialized cadre of agents and analysts, trained in the latest analytical techniques and equipped with the most cutting-edge technologies,” said Michael D’Ambrosio, assistant director of the Secret Service. “Together with our partners, the CFTFs stand ready to combat the full range of cyber-enabled financial crimes. As the nation continues to grapple with the wave of cybercrime associated with the COVID-19 pandemic, the CFTFs will lead the effort to hold accountable all those who seek to exploit this perilous moment for their own illicit gain.”
Keith McCammon, chief security officer and co-founder of Red Canary said that an overwhelming majority of threat actors are financially motivated.
“These criminals manipulate software, end users and a wide variety of financial services and technologies with increasing sophistication to achieve their objectives,” he said via email. “The wide variety of technical and financial systems in play can be viewed as complicating factors in investigations, and they are. But every system that a criminal uses presents an opportunity to identify, track and ultimately disrupt their operations.”
The Secret Service also said that it has broken up “hundreds” of COVID19-related cyber-fraud scams since March, when coronavirus lockdowns went into place around the country. It thus has prevented tens of millions of dollars in fraud from occurring, officials said.
In terms of specific wins, the Secret Service has halted the illicit sales of online stolen COVID-19 test kits, and is now leading a “nationwide effort to investigate and counter a vast transnational unemployment fraud scheme targeting the U.S. state unemployment programs,” according to the Secret Service.
The Secret Service has 42 domestic CFTF locations with two international locations, in London and Rome. The law-enforcement group said that it plans to further extend the CFTF network to include as many as 160 offices across the country and around the globe.
“Our success requires that investigators have a holistic understanding of modern criminal operations, from how they target and interact with victims to how they get paid, so that any mistake along the way can be used to the advantage of law enforcement,” McCammon said. “By combining the Financial and Electronic Crimes Task Forces, our expertise across domains can be leveraged more effectively, putting the Secret Service and its partners in a vastly improved position to understand, disrupt, and prosecute modern frauds.”
BEC and enterprise email fraud is surging, but DMARC can help – if it’s done right. On July 15 at 2 p.m. ET, join Valimail Global Technical Director Steve Whittle and Threatpost for a FREE webinar, “DMARC: 7 Common Business Email Mistakes.” This technical “best practices” session will cover constructing, configuring, and managing email authentication protocols to ensure your organization is protected. Click here to register for this Threatpost webinar, sponsored by Valimail.