CORONAVIRUS - FRAUD - 15.04.2020

Watch out for the fraudsters

The last thing any business needs right now is to be hit by a malware attack or phishing scam. However, Action Fraud has logged a sharp increase in coronavirus-related fraud since February 2020, with total losses amounting to nearly £970,000. How can you protect against it?

Is homeworking putting you at risk?

Businesses have less control over homeworkers’ online activity, and the boundaries between work and home are particularly blurred during the current lockdown conditions. Employees are understandably preoccupied and may be less vigilant than usual. They will also be keeping a close eye on the news and social media, increasing exposure to potentially unreliable websites.

Tip. This may be the last thing your staff are expecting to deal with, so alert them to the scams doing the rounds, and the action they should take to protect company data and funds.

Tactics

The scammers employ the usual range of tactics, exploiting the concerns of individuals and businesses. New and increasingly sophisticated ploys are emerging every day; those noted so far include:

  • selling bogus or non-existent products online, such as hand sanitiser and self-testing kits
  • lender loan fraud, where the victim replies to an ad offering a quick turnaround loan, pays an “arrangement fee” and never hears from the bogus loan company again
  • credential-stealing, for example by getting victims to sign up for updates on the coronavirus or donate to a non-existent charity; and
  • malware that encrypts devices and blocks access to or steals data. The fraudsters then demand a ransom or use or sell on the confidential information. Malware has been found masquerading as applications for monitoring the spread of the virus, e.g. Covidlock, and attached to phishing emails, e.g. BlackWater.

Awareness

Provide your staff with clear instructions on how to avoid the cons and what to do if they believe they have been targeted. Consider sending an email to all homeworkers, reminding them:

  • to use company IT equipment and resources for work, if provided. These should have suitable anti-virus and verified software installed
  • if they are using their own equipment, to install suitable anti-virus software
  • not to open any suspicious communication, whether professional or personal
  • to check the sender and the subject of any communication before downloading any files attached or links within the body of the text
  • if staff have any doubts about an email, to delete it without opening it
  • to be particularly alert to communications about coronavirus, even if they purport to come from a government source. Some reported scams claim to come from official organisations, such as the World Health Organisation and HMRC.

Tip. Encourage staff to report any suspicious activity to IT support, if you have it, giving them a named contact who can provide advice and technical help. This person should report cyber fraud to Action Fraud (see The next step ).

For a link to Action Fraud, visit http://tipsandadvice-business.co.uk/download (CD 21.14.06).

It’s difficult to believe that criminals would exploit the current situation, but this lack of suspicion is exactly what they are banking on. As it can be hard to keep tabs on the online activity of homeworkers, make sure your IT security software is up to date and provide staff with information on what to do if they encounter a likely scam.

The next step

© Indicator - FL Memo Ltd

Tel.: (01233) 653500 • Fax: (01233) 647100

subscriptions@indicator-flm.co.ukwww.indicator-flm.co.uk

Calgarth House, 39-41 Bank Street, Ashford, Kent TN23 1DQ

VAT GB 726 598 394 • Registered in England • Company Registration No. 3599719