As if one dangerous pandemic wasn’t enough, the coronavirus has led to a second – that of an explosion in cyber fraud and online abuse. Just as we have all had to adapt to rapidly changing and hitherto unprecedented events, so have the criminals.
International organised crime syndicates and unscrupulous individuals have moved quickly to exploit many national and local government relief programmes, as well as targeting the large numbers of home-located workers who may not have the same levels of online security features they would have at their usual workplaces.
The number of scams targeted at home-workers and people who have recently been laid off or furloughed have been worrying. Examples such as the emailed malicious files sent under subjects like ‘applying for a job’ and ‘medical leave application’, have meant that HMRC have been forced to tackle almost 300 new phishing websites specifically targeting victims with subjects relating to coronavirus.
The first to publish a list of coronavirus related scams has been the Chartered Trading Standards Institute. Since early March the CTSI has witnessed what it describes as ‘an avalanche of scams drop on UK consumers.’ The scams have covered every conceivable delivery method: doorstep, telephone, social media, text and email, all themed around the COVID-19 pandemic.
Many of these purported to be from HMRC offering a fake tax rebate, supposedly from the government, to ‘give a helping hand’ financially during the pandemic. Tellingly, it asks for the recipient’s credit card details – always a red flag to those in the know – but not always as obvious to the vulnerable and elderly. HMRC have advised the public that all of these messages are fraudulent, stating it will never text, email or phone to ask for bank details, PIN or passwords.
Going further, the United Kingdom National Cyber Security Centre has partnered with the United States Department of Homeland Security to publish an advisory paper, warning citizens about the potential threat from phishing scams perpetrated by ‘malicious cyber actors’ during the coronavirus pandemic. This can be downloaded here.
Social media has, likewise, seen an increase in fraudulent activity relating to COVID-19, with the prevalent appearance of quizzes supposedly aimed at testing your COVID-19 knowledge, actually designed to illicit personal data from the quiz participant.
Test and trace
There is understandably some concern and scepticism from the public about the test and trace technology being proposed to tackle the pandemic. How will data be gathered safely, without security breaches? How much data will be collected and saved? And what will be done with the data once it is gathered?
And the issues are not only limited to a case of who we can trust with the information it gathers. Even before the government’s own test and trace app is up and running, it is already being scammed. Before people are familiar with the setup of such technology, they are many times more vulnerable to exploitation, and Police have already seen some scam texts and emails in circulation.
While it is fairly simple for criminals to fake official phone numbers, it‘s far harder to mimic an official website address. Though at first glance the website layout may seem authentic enough, it is wise to check the address in the search bar and cross reference with the official government site, which can be accessed here. If you think you have been sent a scam message at any time you should report it to Action Fraud.
Businesses affected by cyber-crime
As many UK businesses begin to emerge from the lockdown, they are starting to see how unattended premises may have been affected by criminal behaviour and ‘unauthorised occupation’ in a physical sense. Likewise, the Digital Policy Alliance cybersecurity group is looking into the need for co-operation between industry and law enforcement to deal with the issues surrounding ‘unauthorised occupation’ of computer systems. Many business owners thought their servers were safe while being left unattended (and off) during the lockdown, but this is not always the case. The Home Office has helpfully provided specific advice on how to protect your business from fraud and cyber-crime during the pandemic. It can be viewed here.
If you or your business require any further advice to keep yourselves cyber-safe during this period (and after), please contact us on 01792 439087 or firstname.lastname@example.org
Having a sufficient IT infrastructure is a fundamental component to any organisation that wants to function efficiently and effectively in this economic market.
The UK has recently opened its new National Cyber Security Centre, which is part of a £1.9bn five-year strategy by the UK government to tackle cyber crime.