In the last year, the U.S. has experienced major snowstorms, extensive flooding, tornadoes, dangerous wildfires and hurricanes. Fraudsters lurk in the shadows of these natural disasters and prey on vulnerable individuals and organizations for financial gain. The FBI and the National Center for Disaster Fraud (NCDF) reminded the public that there is a potential for this type of fraud in the aftermath of all catastrophes.

Disaster fraud is a deliberate act to deceive people, government organizations or private industries after devastating events for personal financial gain. According to Fraud Magazine, this type of fraud can be divided into five primary categories: charitable solicitation, contractor and vendor fraud, price gouging, property insurance fraud and forgery.

  • Charitable solicitation fraud is the act of soliciting funds by posing as a legitimate charitable organization.
  • Contractor and vendor fraud is the act of posing as a legitimate vendor, worker or repairman to collect payment but never complete the tasks in question.
  • Price gouging is the act of increasing the cost of goods and services in a disaster zone.
  • Property insurance fraud is the act of reporting fraudulent claims or inflated claims to collect insurance premiums.
  • Forgery is the act of pretending to be someone you are not for financial gain (i.e., signing and cashing stolen or fraudulently acquired checks).

Examples of Disaster Fraud Schemes

Fraud schemes stemming from natural disasters can vary widely, but almost every major natural calamity will be followed by nefarious actors trying to capitalize on the situation. There are numerous examples of this in the past.

Hurricane Sandy Relief

New Jersey state attorneys charged five individuals with filing fraudulent applications for relief funds that totaled more than $500,000. The individuals submitted FEMA relief applications to receive funds and grants from the Reconstruction, Rehabilitation, Elevation, and Mitigation (RREM) program, the Homeowner Resettlement Program (RSP), rental assistance, property loss and other groups.

BP Oil Spill

A couple in Huntsville, Alabama, were ordered to return $2.1 million they received as compensation for alleged revenue loss after the oil spill occurred. The couple concocted an elaborate scheme to move money through bank accounts so it would appear as a financial loss and subsequently collect relief funds.

Wildfire Relief

A website was seeking donations for food for firefighters. It claimed that the group was hosting the official command center for over 150 firefighters combating the local wildfires in the state of Washington. Upon investigation, it became clear to local authorities that this was untrue. Authorities questioned the website and it was promptly taken down — but funds went unaccounted for.

How to Keep Yourself Safe

In the event that you believe someone is perpetrating a disaster fraud scheme or you are victim of one, contact the NCDF immediately. The NCDF task force was created post-Hurricane Katrina. Since then, its mission has expanded to include all fraud types from domestic natural to man-made disasters. This task force is made up of over 20 federal agencies and is headquartered in the Baton Rouge, Louisiana, command center. In collaboration with law enforcement and U.S. attorneys, the organization has been able to catch and prosecute many fraudsters.

Penalties related to natural disaster fraud schemes are typically much tougher than normal fraud cases. For example, according to 18 U.S. Code Section 1341, a convicted individual faces a maximum period of 20 years imprisonment for fraud. However, when this fraud is conducted in connection with a natural disaster, the penalty increases to a maximum of 30 years imprisonment and a $1 million fine to be “paid in connection with a presidentially declared major disaster or emergency.”

But the most important thing you can do to avoid fraud is to always apply a critical eye. Emotions tend to be high in these situations, but it is extremely important to not allow emotion to cloud your judgment. Carefully question unknown solicitations for charitable donations or assistance. Never sign any forms or documents without fully reading and understanding them.

Be especially cautious when asked to provide personally identifiable information (PII). This includes any combination of insurance numbers, Social Security numbers, full legal names, addresses, financial account information and even credit card information.

More from Fraud Protection

What’s up India? PixPirate is back and spreading via WhatsApp

8 min read - This blog post is the continuation of a previous blog regarding PixPirate malware. If you haven’t read the initial post, please take a couple of minutes to get caught up before diving into this content. PixPirate malware consists of two components: a downloader application and a droppee application, and both are custom-made and operated by the same fraudster group. Although the traditional role of a downloader is to install the droppee on the victim device, with PixPirate, the downloader also…

Unveiling the latest banking trojan threats in LATAM

9 min read - This post was made possible through the research contributions of Amir Gendler.In our most recent research in the Latin American (LATAM) region, we at IBM Security Lab have observed a surge in campaigns linked with malicious Chrome extensions. These campaigns primarily target Latin America, with a particular emphasis on its financial institutions.In this blog post, we’ll shed light on the group responsible for disseminating this campaign. We’ll delve into the method of web injects and Man in the Browser, and…

PixPirate: The Brazilian financial malware you can’t see

10 min read - Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a downloader and a droppee. Operating together, these two apps communicate with each other to execute the fraud. So far, IBM Trusteer researchers have observed this…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today