One in three Britons targeted by COVID-19 scams

by | Jun 18, 2020 | Covid-19, Cybercrime

With coronavirus never out of the news and concern for protecting self, family, livelihood and business the main priority, scammers are increasingly using Covid-19 as their hook.

The legal charity, Citizens Advice, is reporting a 19% increase in visitors requesting support, with one in three Britons saying they’ve been the target of a scam of some sort, and a growing number of people reporting scams involving fraudulent claims about virus vaccines and testing kits, or financial support, including government refunds.

Infosecurity Magazine reports that since 23 March 2020, HMRC (Her Majesty’s Revenue and Customs) has requested that internet service providers take down 292 fraudulent Covid-19 focused web addresses. And the UK’s National Security Cyber Centre has removed more than 2,000 online scams exploiting coronavirus, which include online ’shops’ offering fake virus-related items, and sites probing for personal details – financial information, passwords, etc.

Phishing emails

Email remains an essential form of communication, particularly in these days of lockdown with so many employees utilising remote working. As such, the phishing email has become a major channel for coronavirus scams. Many of these phishing scams profess to come from a well-known and trusted organisation or authority.

A recently reported scam featured an email alleging to come from HMRC, informing the recipient of a tax refund due as a result of the government listing coronavirus as “a notifiable disease in law”. The link to access the refund takes the scam victim to a fake HMRC webpage, where they are required to input personal financial details.

Bank details, phone numbers, passwords – this is all information that scammers hope to gather. Recent months have also seen an increase in cybercriminals pretending to represent charities and asking for straight donations to fund vaccine development, for example, or help those in need due to the pandemic, and often in the form of cryptocurrency, such as Bitcoin.

Spotting phishing emails

In many cases, these phishing emails are easy to spot – badly written with typos, spelling errors, and incorrect grammar. They also often seem to be the result of a crude translation from a foreign language – and would be funny if they didn’t have such a dangerous intent.

Another phishing email recently reported claims to come from a doctor with details of a vaccine currently being withheld from the public by the Chinese and UK governments – the link in the email leads to a fraudulent webpage again requesting personal details.

The text should give a clue as to the legitimacy – or rather illegitimacy – of the email, including such sentences as:

“We know that the world has been struggling to contain this deadly virus developed and sprayed by wicked scientists to reduce the population of the world so the government will have control over you.”

And,

“This coronavirus is a weapon created to discredit rival government health systems or the other way to control the citizens of the world but due to some people like us and our medical teams hate the injustice going in this world.”

And, even the less ludicrous, but oddly worded final sentence should start alarm bells ringing:

“For those interested to secure their lives, kindly reply and get more information about shipping or delivery to you and private distribution.”

And it’s unlikely that the World Health Organisation (WHO) would advise on how to safeguard against the spread of coronavirus, with:

“This little measure can save you.”

Safeguarding against phishing

It’s essential to ensure that employees are safeguarding to prevent falling victim to these phishing scams, particularly as they’re not always as easy to spot as the ones detailed above.

Confirming the validity of an unsolicited email by speaking with the organisation it’s coming from – or supposedly coming from – is a good starting point; as is going directly to their website, rather than following a link in the email.

And of course, there are IT solutions and products that can help significantly with safeguarding – we’re here to advise you on the right ones for your business and give you all the help you need.

 

Related Articles

How SMBs can benefit from an eSignature solution

How SMBs can benefit from an eSignature solution

Small and medium businesses are constantly looking for ways to deliver excellent customer service, whilst saving time and money. To achieve these goals, businesses look towards digital technologies to transform the way they work. An example of this is an eSignature...

Why businesses should implement single sign-on (SSO)

Why businesses should implement single sign-on (SSO)

Businesses typically have subscriptions to many different cloud services, including everything from Microsoft 365 products to workforce management software. With so many cloud services requiring unique login credentials, employees often reuse passwords between...

~ Your 2023 guide to migrating SQL Server to Microsoft Azure

~ Your 2023 guide to migrating SQL Server to Microsoft Azure

As Microsoft SQL Server 2012  reached its end of life in 2022, businesses still using the service will have to upgrade their SQL server to a more recent instance or migrate to Microsoft Azure. If businesses do not upgrade or migrate, they will no longer receive...