Watch out for these COVID-19 cyberscams
According to Action Fraud, criminals are exploiting the COVID-19 pandemic to defraud innocent people. And, in March 2020, coronavirus-related fraud reports increased by 400%. At Hayes Connor, we join Action Fraud in warning people to be on their guard during the current pandemic - and beyond. Here are just some of the COVID-19 cyber scams you should look out for.
Messages claiming to offer financial help or refunds
People have reported receiving texts and emails which appear to be from government departments claiming to offer COVID-19 financial help. For example, messages from HMRC offering a tax refund in return for personal or financial information.
You mustn't click on these links as they could take you to fake websites or install malware on your devices. And never hand over your sensitive details. Instead, always contact organisations directly using a known email or telephone number to check their validity (and be aware that criminals can make an incoming call look like it is coming from a genuine number).
Coronavirus related fine messages
As well as messages offering financial help, criminals are also using "spoofing" to make it look like people are being contacted by a genuine organisation to "issue fines" for breaches of the current rules. Please report spam texts by forwarding them to 7726. All telephone operators now use this number.
Online shopping scams
There have been many online shopping scams reported since the coronavirus outbreak. According to The National Cyber Security Centre, it removed 471 fake online shops selling fraudulent coronavirus related items last month. People have ordered protective face masks, hand sanitiser, and other products, which have never arrived. Also, fraudsters are selling fake medical products which they claim can treat or prevent coronavirus.
Be careful when making a purchase from a company or person you don't know and trust. And, if you decide to go ahead, use a credit card if you have one. Most major credit card providers insure online purchases.
People should also watch out for fake messages that purport to be from a supermarket. One such email states that Tesco is offering free vouchers during the coronavirus outbreak. The link leads to a website that is designed to steal login credentials as well as personal and financial information. Again, never click on any links or attachments in suspicious emails/texts and never respond to messages that ask for your personal/financial information.
People have received phishing emails claiming to be from groups such as the Centre for Disease Control and Prevention (CDC) and the World Health Organisation (WHO). They say that they can provide the intended victim with a list of active infections in their area. To access this information people need to either click on a link which redirects to a credential-stealing page or make a donation of support (e.g. into a Bitcoin account).
We have also heard about phishing emails which provide articles about the virus outbreak with links to subscribe to a daily newsletter for further updates. And emails which send investment scheme and trading advice encouraging people to take advantage of the coronavirus downturn. We would advise people not to click on these links and not to hand over any money.
Messages asking for donations to the NHS
We all want to do our bit during this challenging time, and some cybercriminals are attempting to capitalise on the good nature of the UK public by sending scam messages asking for donations to the NHS.
The NHS will never contact you to ask directly for money. And you should not click on any links or attachments, or handover your personal/financial information. Instead, if you do want to donate to the NHS, please use their official channels.
How to flag coronavirus related email scams
The National Cyber Security Centre has launched a cross-governmental Cyber Aware campaign. This offers actionable advice for people to protect passwords, accounts and devices. It has also launched a new Suspicious Email Reporting Service, to make it easier for people to report dubious communications - including those related to coronavirus.
To use the service, please forward emails to firstname.lastname@example.org. Any sites found to be phishing scams will be removed immediately. However, if you have lost any money due to a scam, you should tell your bank and report the crime to Action Fraud immediately.
For more advice on how to keep your data safe, follow Hayes Connor onTwitterandFacebook. Alternatively, if you have been the victim of a data breach or cyber fraud,find out how we can help you to recover any losses. Or give us a call to discuss your case in more depth.