It seems those pesky scammers are using COVID-19 as their hook into one in three Britons systems!

The legal charity, Citizens Advice, is reporting a 19% increase in visitors requesting support, with one in three Britons saying they’ve been the target of a scam of some sort, and a growing number of people reporting scams involving fraudulent claims about virus vaccines and testing kits, or financial support, including government refunds. 

Infosecurity Magazine reports that since 23 March 2020, HMRC (Her Majesty’s Revenue and Customs) has requested that internet service providers take down 292 fraudulent COVID-19 focused web addresses. And the UK’s National Security Cyber Centre has removed more than 2,000 online scams exploiting coronavirus, which include online ’shops’ offering fake virus-related items, and sites probing for personal details – financial information, passwords, etc.

Email remains an essential form of communication, particularly in these days of lockdown with so many employees utilising remote working. As such, the phishing email has become a major channel for coronavirus scams. Many of these phishing scams profess to come from a well-known and trusted organisation or authority.

A recently reported scam featured an email alleging to come from HMRC, informing the recipient of a tax refund due as a result of the government listing coronavirus as “a notifiable disease in law”. The link to access the refund takes the scam victim to a fake HMRC webpage, where they are required to input personal financial details.

Bank details, phone numbers, passwords – this is all information that scammers hope to gather. Recent months have also seen an increase in cybercriminals pretending to represent charities and asking for straight donations to fund vaccine development, for example, or help those in need due to the pandemic, and often in the form of cryptocurrency, such as Bitcoin.

In many cases, these phishing emails are easy to spot – badly written with typos, spelling errors, and incorrect grammar. They also often seem to be the result of a crude translation from a foreign language – and would be funny if they didn’t have such a dangerous intent.

Another phishing email recently reported claims to come from a doctor with details of a vaccine currently being withheld from the public by the Chinese and UK governments – the link in the email leads to a fraudulent webpage again requesting personal details.

The text should give a clue as to the legitimacy – or rather illegitimacy – of the email, including such sentences as:

“We know that the world has been struggling to contain this deadly virus developed and sprayed by wicked scientists to reduce the population of the world so the government will have control over you.”

And,

“This coronavirus is a weapon created to discredit rival government health systems or the other way to control the citizens of the world but due to some people like us and our medical teams hate the injustice going in this world.”

And, even the less ludicrous, but oddly worded final sentence should start alarm bells ringing:

“For those interested to secure their lives, kindly reply and get more information about shipping or delivery to you and private distribution.”

And it’s unlikely that the World Health Organisation (WHO) would advise on how to safeguard against the spread of coronavirus, with:

“This little measure can save you.”

It’s essential to ensure that employees are safeguarding to prevent falling victim to these phishing scams, particularly as they’re not always as easy to spot as the ones detailed above.

Confirming the validity of an unsolicited email by speaking with the organisation it’s coming from – or supposedly coming from – is a good starting point; as is going directly to their website, rather than following a link in the email.

And of course, there are IT solutions and products that can help significantly with safeguarding – we’re here to advise you on the right ones for your business and give you all the help you need.