Coronavirus fraud warnings as Britons lose £800,000 since outbreak arrived

Experts warn of bogus emails urging readers to click on fake Covid-19 update links

Kate Hughes
Money Editor
Tuesday 17 March 2020 09:57 EDT
Comments
Scammers are creating fraudulent websites to sell fake antiviral equipment
Scammers are creating fraudulent websites to sell fake antiviral equipment (Getty)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

The public are being urged to follow online safety advice as evidence emerges that criminals are exploiting the coronavirus pandemic online.

In a rare public statement, experts from the National Cyber Security Centre (NCSC) have revealed a range of attacks being perpetrated online as cyber criminals seek to exploit Covid-19.

Techniques include bogus emails with links claiming to have important updates on the virus which, once clicked on, lead to the device being infected.

Others claim to be able to provide the recipient with a list of coronavirus-infected people in their area. In order to access this information, the victim needs to click on a link, which leads to a malicious website, or is asked to make a payment in bitcoin.

These “phishing” attempts have been seen in several countries and can lead to loss of money and sensitive data.

There has also been an increase in the registration of webpages relating to the coronavirus, suggesting that cybercriminals are likely to be taking advantage of the outbreak.

A part of GCHQ, the NCSC was created to keep the UK safe online, and is now urging businesses and the public to consult its online guidance, including how to spot and deal with suspicious emails as well as mitigate and defend against malware and ransomware.

“We know that cybercriminals are opportunistic and will look to exploit people’s fears, and this has undoubtedly been the case with the coronavirus outbreak,” said Paul Chichester, director of operations at the NCSC.

“Our advice to the public is to follow our guidance, which includes everything from password advice to spotting suspect emails.”

If you do fall victim to a phishing attempt, report it to Action Fraud as soon as possible, he added.

These attacks are versatile, conducted through various media, are adapted to different sectors and monetised in different ways, including ransomware, credential theft, bitcoin or fraud.

In recent days, and as the real crisis and the official communication around it intensifies, the NCSC has put new measures in place to automatically discover and remove malicious sites which serve phishing and malware.

But with the world’s consumers remaining susceptible to these techniques, and if the outbreak continues to grow rapidly, the volume of such attacks is only likely to rise.

Name drop

Since the coronavirus pandemic outbreak began, scammers have had no qualms in taking full advantage of the prominence of and reliance upon organisations like the World Health Organsation (WHO) which last month warned of fraudulent emails sent by criminals posing as part of the specialist United Nations agency.

It followed a warning from the US Federal Trade Commission about scammers spreading phishing “clickbait” via email and social media, as well as creating fraudulent websites to sell fake antiviral equipment.

Cybercriminals have also impersonated the US Centre for Disease Control (CDC), creating domain names similar to the CDC’s web address to request passwords and even bitcoin donations to fund a fake vaccine.

And in January, attackers spread the Emotet banking trojan in Japan by posing as a state welfare provider to distribute infected Word documents. Similar operations have been observed in Indonesia, the US and Italy, with attackers attempting to spread the Lokibot infostealer, Remcos RAT and other malware.

Individuals in the UK have also been targeted by coronavirus-themed phishing emails with infected attachments containing fictitious “safety measures”. Such attacks have recently become more targeted, with greater numbers focusing on specific sectors like shipping, transport or retail to increase the likelihood of success.

But coronavirus-related scams don’t always rely on phishing email fake health update links to defraud victims.

The National Fraud Intelligence Bureau has already identified 21 reports of fraud where coronavirus was mentioned, with victim losses totalling more than £800,000.

Of the 21 reports, 10 were made by victims that attempted to purchase protective face masks from fraudulent sellers. One victim reported losing over £15,000 when they purchased face masks that were never delivered.

The good news

But as the criminal barrage on unwitting consumers desperate for information and reassurance continues, the attitude towards defrauded banking customers is shifting.

This week TSB claimed that every customer that was an innocent victim of fraud has received full reimbursement since the bank’s fraud refund guarantee scheme was introduced in April 2019.

That includes 99 per cent of all authorised push payment (APP) fraud cases where a customer has been tricked into sending a payment to a fraudulent account. TSB rejected less than one per cent of customers whose claims were found to be fraudulent with the customer complicit in the case.

Across the industry fraud continues to impact customers, with UK Finance figures showing rising losses – £146.5m lost in the first half of 2019 to personal account holders and with an industry-wide reimbursement rate of 17.5 per cent.

Gareth Shaw, head of money at Which?, said: “TSB has led the way in recognising that banks need to take much greater responsibility for refunding customers when they are scammed, especially given that many people end up losing life-changing sums of money to this type of crime.

“In order to properly tackle the fraud crisis, it is vital for all banks to commit to basic name-check security measures, and the whole industry should sign up and follow through on the protections offered by the scams code.

“If the banks fall short of making these commitments themselves, these initiatives must be made mandatory by the government,” he warned.

How to protect yourself from coronavirus (and other) scams

Watch out for scam messages. Don’t click on the links or attachments in suspicious emails, and never respond to unsolicited messages and calls that ask for your personal or financial details.

If you’re making a purchase from a company or person you don’t know and trust, carry out some research first, and ask a friend or family member for advice before completing the purchase. If you decide to go ahead with the purchase, use a credit card if you have one, as most major credit card providers insure online purchases.

Protect your devices from the latest threats. Always instal the latest software and app updates to protect your devices from the latest threats. There’s more information here on how to update your devices.

Go the NHS website for more details about how to stay safe during the Covid-19 outbreak.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in