German Health Authorities Lose €1.5 Million in COVID-19 Mask Purchase Scam



iStock-1209610671Reaching an all-new low, an international team of individuals setup an elaborate online scam taking advantage of the current need for healthcare equipment to fight COVID-19.

Just when you think scammers can’t get any worse, you hear about a multi-national scam team intent on taking money from healthcare organizations in their time of most critical need. Impersonating a legitimate company in Spain selling personal protective equipment (PPE), the criminals took an order from German health authorities for €1.5m in facemasks. The scam even utilized some social engineering to get additional an additional €880,000 the day before the supposed delivery of the purchased masks.

The masks, of course, never arrived.

Once it was determined the purchase was a scam, authorities in Germany, Ireland, Holland, and Spain were involved where all wired funds were recovered and frozen, and one Irish national was being held and interviewed regarding the scam.

All it took was the copying of a website and finding a victim’s in need to cause a multi-million euro scam to come to fruition. The COVID-19 pandemic provides the perfect opportunity as the life and death potential of the virus creates the right urgency for social engineering scams to work flawlessly.

In times like this, it’s important for employees to remember that just because a webcast makes a claim (in this case “we have masks!”), it doesn’t mean the claim or the site is legitimate.  Security Awareness Training helps employees understand how methods like this are used to attempt to trick victims into parting with credentials, banking details, credit card information, or in this case, desperately needed budget to get masks to frontline healthcare workers.


Request A Demo: Security Awareness Training

products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

Request a Demo!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/kmsat-security-awareness-training-demo



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews