Unfortunately during these already difficult times, fraudsters are exploiting the spread of coronavirus (COVID-19) in order to carry out fraud and cybercrime to target the general public, businesses and public organisations.
Fraudsters are using the internet, telephone calls and texts and even visits to people’s homes in their attempts to obtain money or data that could allow them to commit identity theft.
The areas of concern in the current situation are:
- Password spraying campaigns (fraudsters try to access to your systems / applications)
- Misuse of corporate vehicles for fraud (phoenix companies)
- Government impersonation on social media (esp. Department of Work & Pensions)
- Phishing emails (esp. purporting to be the UK Business Advice Bureau and travel companies)
- COVID-19 domain names (esp. Personal Protective Equipment (“PPE”) mask-related)
- Payment diversion / mandate fraud
- Malware (esp. through torrenting i.e. peer to peer and file sharing sites)
- Courier fraud
There are a number simple preventative measures that can be taken, these include but are not exhaustive:
- Suspicious emails should be sent to the National Cyber Security Centre at email@example.com
- Businesses should carry out risk assessments for staff working remotely, and conduct due diligence on customers and suppliers. Don’t be tempted to take shortcuts.
- Use BACS vs. faster payments if possible. verify all payments and supplier details directly with the company on a known phone number or in person first.
- Consider reducing thresholds for payments requiring enhanced authorisation.
- Contact your business’s bank immediately if you think you’ve been scammed and report it to Action Fraud.
- Watch out for app-based phishing emails and spoofed apps, particularly related to the new NHS tracker.
- Fraud Advisory Panel, Charity Commission and the Small Charities Coalition, along with other sector partners, are issuing a free webinar on COVID-19 and charity fraud so it may be worth taking a look.
- Do your homework when making donations check the charity / good cause is legitimate.
- Don’t click on links, or attachments in suspicious emails and never respond to unsolicited messages and calls that ask for your personal, or financial details.
Take care of yourself, your personal finances and your business – do not let the fraudsters benefit from the situation surrounding COVID-19.