The North West Regional Organised Crime Unit has shared guidance to inform the public of the online scam and fraud threat posed during the COVID-19 outbreak
This page was updated on 12 November 2020.
Following government guidance on fraud control during emergency situations, the North West Regional Organised Crime Unit is encouraging the public to be extra vigilant during these times and extremely cautious when sharing personal and financial details online.
Common online scams include:
- Government impersonation fraud (including impersonation of other established organisations such as the World Health Organisation)
- Online shopping fraud
- Computer software service fraud and
- Mandate Fraud
During these past few months, there has been a resurgence of fraudulent government websites trying to capitalise on the emergency measures and schemes being announced to support businesses and individuals.
Most recently, phishing emails seeking to target those eligible for the extended business support grants have also been reported.
In all cases it is advised to follow the Stop. Challenge. Protect. technique to minimise and mitigate risk created by criminals impersonating people, businesses, other organisations, government and the police.
Specifically, for each type of fraud, the following considerations have been shared:
Government impersonation fraud
For fraud relating to government pages please be aware of the following:
- HMRC has publicised examples of multiple channels used for scams, these include an email phishing campaign, SMS messages, bogus phone calls, social media, WhatsApp messages and fake websites. You can find examples with recommendations from HMRC here.
- HMRC will never send notifications by email about tax rebates or refunds.
- HMRC will never ask for personal or financial information when they send text messages.
- HMRC will never use ‘WhatsApp’ to contact customers about a tax refund.
- The government has released examples of scam emails relating to free school meals requesting from parents/carers to respond with their bank details in order to be supported. These are not genuine and parents/carers are urged to not respond and delete immediately.
- Check the page’s URL. The government’s official website has a “gov.uk” URL and not a “.com” one.
- Check the spelling in the URL. Fraudulent webpages have included ones listed as uk-covid-19-relieve.com
- Check the links on the suspicious page. If clicking on other links around the page does not lead to new pages, there is a high chance that this is a fraudulent webpage.
The official government website is: www.gov.uk
The COVID-19 outbreak has also seen a rise in fraudulent webpages and communications impersonating other established organisations such the WHO, the US Centre for Disease Control (CDC), as well as John Hopkins University (JHU). The WHO has ever since released guidance to support the international community spot suspicious emails and messaging relating to the organisation. Information has also been released to inform the public of the malicious website “corona-virus-map[dot]com” simulating JHU’s map for Coronavirus COVID-19 Global Cases.
Online shopping fraud
- Conduct research before making a purchase from an unknown person or business and seek advice from your family and friends
- Challenge questionable emails and never respond to any requesting personal or financial details
- Avoid using bank transfer as the payment method as this provides less protection in the event that you fall victim of an online fraud. Opt for a credit card or trusted online payments systems like PayPal
- If a payment has been made and you suspect fraud, inform your bank as soon as possible
During March 2020, Action Fraud reported a 400% increase in Coronavirus related fraud and has therefore urged the public to be extra vigilant.
Alongside the medical and healthcare sector, cyber-attacks have also been reported in the global shipping industry with coronavirus-related communications containing malicious attachments being received. Extreme caution has therefore been advised for employers and employees working in the sector.
On Jun 15, research by Citizens Advice revealed that more than 35% of the British population had been targeted by a scammer during the COVID-19 lockdown.
Computer software service fraud
- Never install software or grant remote access following a cold call from an unknown source. If you have, seek technical support from a trusted source.
- In all cases, if in need of technical support, avoid services promoted via browser pop-ups and opt for sources like friends and family as a first point of contact
- Remember that genuine organisations will never contact you randomly to request banking details (PIN, passwords etc.)
- Check and verify requests to transfer payments into new bank accounts
- Ensure secure storage of sensitive financial information and allow access only to designated employees.
- Establish internal processes to ensure only assigned employees have access to change payment arrangements
Government guidance can be seen here. The government has also released a list of sources parents/carers can utilise to ensure children’s safety online. Additional advice can be seen via End Violence Against Children's, Stay Safe Online page.
Visit our FAQs page for more Coronavirus Business related information