COVID-19 Fraud Update
As of 4th April 2020, more than 500 COVID-19 related scams and over 2000 phishing attempts by criminals seeking to exploit fears over the pandemic have been reported to UK investigators. It’s sad that the majority of these are targeted at elderly people who are self-isolating. The types of scams experienced are listed below:
- Online shopping scams where face masks, sanitiser, supplements, PPE and vaccine test kits have been ordered and not delivered or they turn out to be counterfeit and therefore possibly dangerous goods. It’s good to see that Amazon have taken steps to remove over one million products (worldwide) that are either priced unfairly or made false claims.
- Charity fraud (new charities created – eg for NHS fund raising) or fake e-mail purporting to be from HMRC asking for donations to the NHS. Fraudsters providing articles about the virus outbreak with a link to a fake company website where victims are encouraged to click to subscribe to a daily newsletter for further updates.
- Doorstep crime – While there are genuine groups of volunteers providing help during self-isolation, there have been reports of criminals preying on residents – often older people or people living with long-term health conditions – by cold-calling at their homes and offering to go to the shops for them. The criminals often claim to represent charities to help them appear legitimate before taking the victim’s money. There are genuine charities providing support, so consumers should be vigilant and ask for ID from anyone claiming to represent a charity. Some scammers offer to provide services like cleaning drives and doorways to kill bacteria and prevent the spread of the virus.
- Refund scams – companies offering fake holiday refunds for individuals who have been forced to cancel holidays.
- Fraudsters sending investment scheme and trading advice encouraging people to take advantage of the coronavirus downturn.
- Telephone scams – these are likely to be on the increase with more people isolating at home.
- Loan sharks – illegal money lenders will exploit people’s financial hardship offering money at extortionate interest rates and fees. Threats and violence may follow.
- Universal Credit Scammers: Benefit claimants are being targeted by scammers promising a low-cost loan or a grant from the government. What they don’t tell you is that the money you’ll receive is actually an advance for Universal Credit. After the fraudsters have taken their cut of your advance, victims are left to pay back the total amount after their Universal Credit payments begin. One scammer took £1,000 as their “fee” from a payment of £1,525. Victims have included vulnerable people such as those who are out of work, homeless or have drug dependency issues.
According to the DWP, 10% of new Universal Credit claims could be fraudulent. Victims have included vulnerable people such as those who are out of work, homeless or have drug dependency issues.
- Bogus healthcare workers are knocking on doors claiming to be offering ‘home-testing’ for COVID-19.
- Fraudsters capitalising on the fact that banks are closed and encouraging people to switch to online banking.
- Cyber criminals are looking to profit from pandemic fears –using concerns about a human transmitted virus to spread a computer virus
- COVID-19 phishing e-mails – fraudsters mimic WHO (World Health Organisation) and CDC (Centre for Disease Control) and claim to provide a list of active infections in an area, which, when clicked on, moves to a credential stealing page, or requests a donation into a Bitcoin account.
- Smartphones – malicious text messages are circulating that promise to track the spread of the virus in real time so that you can be alerted to what’s happening in your area. Any attachments, if opened, can listen to your microphone, observe through your camera and comb through your messages. Some messages claim to link you to free masks from the Red Cross.
- Official looking messages from the government telling people they have been fined £250 for leaving their home more than once during lockdown.
Here’s some suggestions to escalate your security savviness:
- Think before you click. Never open an attachment or click on a link from senders you don’t recognize. Even if you think you know the sender, if it seems odd they’d send you information like this, contact them (in another way) to confirm it’s the real deal (take note of new Facebook Messenger scams that look like they’re from friends).
- Verify the source. If you get an email, text or phone call that asks you to urgently confirm your personal or financial information, it’s fake. HMRC or your bank will never ask for sensitive information in this way. When in doubt, call the organisation to ask if it was them (chances are, it won’t be). Make a report to Action Fraud and the Police if you have lost money.
- Watch out for others. Warn your loved ones – especially those less tech-savvy or the elderly – about the increased likelihood of scammers trying to defraud through email, text message, social media or even a phone call.
- Practice password safety. Create long and complicated passwords (or passphrases), don’t use the same ones for all your online activity and change them every month or two. You can use a trusted password manager.
- Play defence. Install good cybersecurity software on all your devices and ensure you set to auto-update, in order to protect you from the latest malware and other threats. Free cybersecurity software is better than none at all, but it’s prudent to invest in a reputable and comprehensive paid version of anti-malware software.
- Be wise on Wi-Fi. Even though we’re not going out much these days, don’t use free public Wi-Fi as you’re more at risk compared to browsing on a private wireless network at home (or turn your smartphone into a hotspot, as it’s also more secure). Remain anonymous online by using a VPN (Virtual Private Network).
- Shop securely. Stick with reputable retailers when giving out your credit card info and look for indicators that the site is secure, such as a little lock icon on the browser’s status bar or a URL for a website that begins with “https” (the “s” stands for “secure”).If you’re making a purchase from a company or person you don’t know and trust, carry out some research first, and ask a friend or family member for advice before completing the purchase. If you decide to go ahead with the purchase, use a credit card if you have one, as most major credit card providers insure online purchases. Regularly check your bank statements and credit card bill for anything suspicious charges.
- Have a backup plan. Finally, proactively back up your important information on a regular basis. That way, if you fall victim to a virus or ransomware and have trouble retrieving your information, it won’t sting so much if you’ve already put your important files onto a USB stick or external hard drive, or uploaded them to a cloud service.
Action Fraud is currently operating a reduced service – callers can be expected to have increased waiting times to get through.
The FCA (Financial Conduct Authority) in its latest business plan, has highlighted tackling investment scams as one it’s top five priorities for the next 3 years and states that ‘helping consumers avoid the scams that spring up as the pandemic develops’. The new interim chief executive Chris Woolward has said ‘Coronvirus has altered the financial landscape dramatically. It is more important than ever that the FCA leads the way on protecting customers, firms and the markets’.
Caseworker – Victim First