As the UK battles the COVID-19 virus, fraudsters are moving in to take advantage of the crisis and the rising numbers suggest there could well be a crime as well as a health pandemic.
UK reporting service, Action Fraud, said since 1 February 2020, Coronavirus related fraud reports are up 400%, stating some 105 reports had been made, with total losses of almost £970,000. As cases of the virus and public anxiety rise, so too are the number of scams. It said the first report relating to the virus was received on 9 February and there were a further 20 more reports that month. Since then, there have been 46 reports between 1-13 March and 38 reports in the four days from 14-18 March.
What kinds of scam?
Many of these are phishing scams with attempts made to obtain money, data or to infect with malware. Some of the examples include:
- Bogus emails from HMRC, a perennial favourite with fraudsters, and which claim to offer individuals tax refunds ‘to deal with the outbreak’.
- Investment companies offering the chance to profit from ‘cures’ and once funds are received, then the stock prices will soar.
- Another email from a phoney World Health Organisation says clicking on a link will provide details of ‘safety measures’ that could ‘save’ the individual. However, instead if they do this, the computer will be infected with a malware called AgentTesla Keylogger. This records each keystroke, sending the data to the attackers, and means they can monitor victims' online activity.
- A further email, from a purported Center for Disease Control and Protection, which is likely only to appeal to the more gullible, says a vaccine is close to being developed, but this can only happen if a donation in Bitcoin is made.
Meanwhile other scams include online shopping fraud, where people have ordered products that are subject to shortages, such as face masks and hand sanitiser, which have failed to arrive.
Global regulators take action
Clearly, it is not just the UK which is being targeted. Fraudsters will typically send many thousands of emails to people globally and a BBC report said it had been made aware of phishing emails being sent in English, French, Italian, Japanese, and Turkish languages.
Scammers are looking to capitalise on uncertainty and fear, and so should regulators be ensuring that clear warnings are being issued?
Looking at the global picture, regulatory consultant Bovill has said that COVID-19 could lead to a “surge in cyber-crime”. It argued that UK regulators needed to do more and pointed out that regulators in Asia and the US were taking action to warn consumers about the risks. For example, the Monetary Authority of Singapore has issued a warning about a large number of fraudsters impersonating bank staff and asking for bank details in a bid to capitalise on customer confusion.
In the US, the Securities and Exchange Commission has warned of the rise in investment fraudsters promoting COVID-19 related fake cures. As yet though, the FCA has yet to release an explicit warning about the risks of scams, which could target both individuals and businesses.
According to Ed O’Bree, a partner at Bovill:
“While there has been substantial advice from overseas regulators on Coronavirus related cyber scams, we have not yet seen anything from the FCA. It is surprising that the UK regulators are not warning consumers to be vigilant about financial scams linked to Coronavirus, given the huge scope for fraud and scams thrown up by public anxiety about the pandemic.”
It is also likely that older and more vulnerable people are going to be particularly at risk from such scams and this is certainly an area that the FCA is focused on. However, with so much information coming out from the government and a myriad of other sources and in a situation that is changing rapidly, it is to be hoped that any such warnings will be heard loud and clear.
Xactium Risk provides businesses with a secure cloud-based platform on which to capture, track and report on all risk activity, including risk events, with ease.