FinCEN Issues Alert on Twitter Convertible Virtual Currency Scam

Fraudsters are compromising Twitter accounts of public figures, organizations, and financial institutions to solicit payments to CVC accounts.

7/28/2020

FraudThe Financial Crimes Enforcement Network recently issued FinCEN Alert FIN-2020-Alert001 to warn financial institutions of the recent high-profile scam that exploited Twitter accounts to solicit fraudulent payments denominated in convertible virtual currency (CVC). Fraudsters compromised the Twitter accounts of public figures, organizations, and financial institutions to solicit payments to CVC accounts, claiming that any CVC sent to a wallet would be doubled and returned to the sender.

The alert stresses the importance of financial institutions identifying and reporting suspicious transactions associated with this type of activity. Credit unions should include any relevant technical indicators related to cyber events and associated transactions within the available structured cyber event indicator fields on the Suspicious Activity Report form.

The alert lists key indicators to help detect, prevent, and report potential suspicious activity related to this scam:

  • Promises of high or guaranteed investment or donation returns for payments made to accounts with which you have no prior business relationship.
  • Communications, including social media posts, soliciting payments with misspellings or messages out of profile for the counterparty, soliciting payments from individuals or organizations with whom you have no prior existing business relationship, including celebrities or public figures.
  • Solicitations requesting donations via social media where the solicitor is not affiliated with a reputable organization.
  • Social media posts that solicit donations or advertise giveaways that appear from accounts that are not “verified” through the social media platform account verification processes or that misspell the celebrity or financial institution’s name.
  • Multiple social media accounts communicating the same message soliciting funds for an unknown purpose or to an unknown account.
  • Communications, including social media posts, that provide the same CVC address across multiple celebrity or prominent financial institution social media accounts.

FinCEN requests that financial institutions reference this alert by including the key term “FIN-2020- Alert001” in SAR field 2 (Filing Institution Note to FinCEN) and the narrative to indicate a connection between the suspicious activity being reported and the activities highlighted in this alert.

For additional information on reporting cyber events, including on how to file SARS, please reference FinCEN Cyber Event FAQs.

Question of the Week

Q. Under Regulation Z’s loan originator rule (for mortgage transactions), are all loan originators required to receive periodic training? Even MLOs who were registered through the NMLS prior to the new loan originator rules?

A. Yes. The Official Interpretations to Regulation Z states that periodic training for loan originators must be sufficient in frequency, timing, duration, and content to ensure the individual loan originator has the knowledge of State and Federal legal requirements that apply to the individual loan originator’s loan origination activities. The commentary goes on to state that the training requirements apply to individual loan originators regardless of when they were hired.

Additionally, training that the NMLSR has approved to meet the licensed loan originator continuing education requirement under 1008.107(a)(2) satisfies this requirement.

Resources

12 CFR 1026.36(f)(3)(iii)
Official Interpretation to 1026.36(f)(3)(iii)
12 CFR 1008.107(a)(2) 

Legal Briefs

Consumer Financial Protection Bureau

CFPB to Host Symposium July 29

The CFPB will host a symposium on July 29 discussing the use of cost-benefit analysis in consumer financial protection.

Office of Foreign Assets Control

OFAC has updated the SDN list as of July 23. The last update prior to this was July 17.