" " " " Skip to content
Northern Powerhouse European Union

Cyber crime awareness during the Coronavirus outbreak

The North West Regional Organised Crime Unit has shared guidance to inform the public of the online scam and fraud threat posed during the COVID-19 outbreak

This page was updated on 27 January 2021.

January update: COVID-19 Vaccine Fraud 

The Government's Counter Fraud Function is warning the public to remain vigilant as criminals are using the COVID-19 vaccine as a way to commit fraud. 

Individuals are advised that the NHS will never:

  • ask you for your bank account or card details as the vaccine is provided free of charge
  • ask you for your PIN or banking password
  • arrive unannounced at your home to administer the vaccine
  • ask you to prove your identity by sending copies of personal documents such as your passport, driving licence, bills or payslips.  

If you receive a call you believe to be fraudulent, you should hang up.

If you are suspicious about an email you have received, you should forward it to report@phishing.gov.uk whilst any suspicious text messages should be forwarded to the number 7726 which is free of charge.

Cybercrime awareness during the pandemic 

Following government guidance on fraud control during emergency situations, the North West Regional Organised Crime Unit is encouraging the public to be extra vigilant during these times and extremely cautious when sharing personal and financial details online.  

Common online scams include: 

  • Government impersonation fraud (including impersonation of other established organisations such as the World Health Organisation)  
  • Online shopping fraud  
  • Computer software service fraud and 
  • Mandate Fraud 

During these past few months, there has been a resurgence of fraudulent government websites trying to capitalise on the emergency measures and schemes being announced to support businesses and individuals.  

Most recently, phishing emails seeking to target those eligible for the extended business support grants have also been reported.

In all cases it is advised to follow the Stop. Challenge. Protect. technique to minimise and mitigate risk created by criminals impersonating people, businesses, other organisations, government and the police. 

Specifically, for each type of fraud, the following considerations have been shared: 

Government impersonation fraud 

For fraud relating to government pages please be aware of the following 

  • HMRC has publicised examples of multiple channels used for scams, these include an email phishing campaign, SMS messages, bogus phone calls, social media, WhatsApp messages and fake websites. You can find examples with recommendations from HMRC here.  
  • HMRC will never send notifications by email about tax rebates or refunds.  
  • HMRC will never ask for personal or financial information when they send text messages. 
  • HMRC will never use ‘WhatsApp’ to contact customers about a tax refund.  
  • The government has released examples of scam emails relating to free school meals requesting from parents/carers to respond with their bank details in order to be supported. These are not genuine and parents/carers are urged to not respond and delete immediately.
  • Check the page’s URL. The government’s official website has a “gov.uk” URL and not a “.com” one. 
  • Check the spelling in the URL. Fraudulent webpages have included ones listed as uk-covid-19-relieve.com  
  • Check the links on the suspicious page. If clicking on other links around the page does not lead to new pages, there is a high chance that this is a fraudulent webpage. 

The official government website is: www.gov.uk  

The COVID-19 outbreak has also seen a rise in fraudulent webpages and communications impersonating other established organisations such the WHO, the US Centre for Disease Control (CDC), as well as John Hopkins University (JHU). The WHO has ever since released guidance to support the international community spot suspicious emails and messaging relating to the organisation. Information has also been released to inform the public of the malicious website “corona-virus-map[dot]com”  simulating JHU’s map for Coronavirus COVID-19 Global Cases.

Online shopping fraud  

  • Conduct research before making a purchase from an unknown person or business and seek advice from your family and friends 
  • Challenge questionable emails and never respond to any requesting personal or financial details 
  • Avoid using bank transfer as the payment method as this provides less protection in the event that you fall victim of an online fraud. Opt for a credit card or trusted online payments systems like PayPal 
  • If a payment has been made and you suspect fraud, inform your bank as soon as possible 

During March 2020, Action Fraud reported a 400% increase in Coronavirus related fraud and has therefore urged the public to be extra vigilant. 

Alongside the medical and healthcare sector, cyber-attacks have also been reported in the global shipping industry with coronavirus-related communications containing malicious attachments being received. Extreme caution has therefore been advised for employers and employees working in the sector.

On Jun 15, research by Citizens Advice revealed that more than 35% of the British population had been targeted by a scammer during the COVID-19 lockdown. 

 Computer software service fraud  

  • Never install software or grant remote access following a cold call from an unknown source. If you have, seek technical support from a trusted source. 
  • In all cases, if in need of technical support, avoid services promoted via browser pop-ups and opt for sources like friends and family as a first point of contact 
  • Remember that genuine organisations will never contact you randomly to request banking details (PIN, passwords etc.) 

Mandate Fraud 

  • Check and verify requests to transfer payments into new bank accounts 
  • Ensure secure storage of sensitive financial information and allow access only to designated employees.  
  • Establish internal processes to ensure only assigned employees have access to change payment arrangements 

Government guidance can be seen here. The government has also released a list of sources parents/carers can utilise to ensure children’s safety online. Additional advice can be seen via End Violence Against Children's, Stay Safe Online page. 

Additional Resources

News News

Genuine HMRC contact and recognising phishing emails

Read more
Cybersecurity basics Cybersecurity basics

A guide to how SMEs can protect themselves

Read more
Self-assessment tool Self-assessment tool

This tool can help sole traders and micro-businesses check how safe they are from cyber threats.

Read more
Cybersecurity and remote working Cybersecurity and remote working

Key recommendations on how to stay secure when working outside the office.

Read more
Phishing attacks - Guidance Phishing attacks - Guidance

How to spot and deal with suspicious emails, and what to do if you've already clicked

View
Police CyberAlarm Police CyberAlarm

A free tool helping organisations monitor and report any malicious activity they face online.

Read more
GM Cyber Resilience Centre GM Cyber Resilience Centre

Resources to improve your cyber awareness and start your journey to becoming cyber resilient

View
Citizens Advice - Blog Citizens Advice - Blog

Why it’s so important to be #ScamAware

Read more

Visit our FAQs page for more Coronavirus Business related information  

Coronavirus Business FAQ's

The information provided is meant as a general guide only rather than advice or assurance. GC Business Growth Hub does not guarantee the accuracy or completeness of this information and professional guidance should be sought on all aspects of business planning and responses to the coronavirus. Use of this guide and toolkit are entirely at the risk of the user. Any hyperlinks from this document are to external resources not connected to the GC Business Growth Hub and The Growth Company is not responsible for the content within any hyperlinked site.

Share this post