You won’t believe these coronavirus scams. Don’t become a victim!
By Lucy Rankin, Financial Crime analyst
and Suzanne Worthington, Senior Writer
Since the start of the coronavirus outbreak, scammers have been quick to take advantage of the unusual situation to exploit online shoppers, investors, pension savers and anyone else where they see an opportunity. While a challenging situation like coronavirus can bring out the best in people, unfortunately we also see the worst in people.
In this post, we explain some astonishing examples of how fraudsters have been scamming people and how to be extra vigilant to protect your finances.
A pandemic doesn’t stop fraudsters
On 20 March 2020, the day the ‘lockdown’ started, the City of London Police reported a 400% increase in coronavirus-related frauds.
Action Fraud, the UK’s national reporting center for fraud and cybercrime, has received over 100 reports so far with estimated losses of around £1million. Here are some examples of recent coronavirus scams:
- HMRC phishing scam
Security firm Mimecast reported a coronavirus tax refund phishing scam, where scammers impersonate HMRC. On the morning this was detected, there were more than 200 examples in just a few hours.
- WHO phishing scam
Malwarebytes Lab reported a phishing scam where fraudsters impersonate the World Health Organisation (WHO). The scammers promoted a fake e-book which, when victims downloaded it, delivered malicious Trojan software. This malware is stored in the victim’s Google Drive, steals information from the victim’s computer and sends it back to the criminals.
- Other impersonation phishing scams
Ofcom has confirmed that people have reported phishing texts which impersonate not just HMRC and the WHO, but the UK Government, your GP’s surgery, the NHS or organisations telling you how to avoid being scammed. Some of the recent phishing scams Ofcom report are about:
– lockdown fines
– HMRC goodwill payments
– emails about free school meal
– WhatsApp requests to forward a code
(If you get a message similar to these, ignore them. If you click on links, forward message or open files, you potentially give fraudsters access to your personal information, your phone’s data, your emails or your WhatsApp account.)
- Romance scams
A financial services company reported romance scams relating to coronavirus. A customer sent money via a payment service bureau to help someone who claimed to have the virus get medical treatment.
- Facebook impersonations
Another financial services company reports that their customers have received requests for money via Facebook. Scammers pretend to be someone they know, claim they have coronavirus and ask for money.
- Cold calls and doorstep scams
Hiya, the industry leader in protecting people from fraud and nuisance calls, has warned that there’s been a surge in cold calls about coronavirus. Some of these are people posing as employees of the bank of the householder, asking them to move money from their main account to another holding account.
(No bank will ever call you out-of-the-blue or show up at your home to discuss your personal details or ask you to move money to a different account.)
- Donation scams
Users on Twitter report that people impersonating Red Cross volunteers are knocking on doors of elderly people, attempting to trick them into giving donations. And of course, the donations don’t go to those who are suffering, they’re pocketed by the scammers.
Individuals, providers and regulators all need to act against fraud
International bodies, financial regulators and law enforcement agencies worldwide are closely monitoring the coronavirus situation. But just as the success of slowing the spread of coronavirus depends on everyone’s individual vigilance, every individual must take responsibility for their financial security too.
The UK’s Financial Conduct Authority (FCA) announced early in the coronavirus outbreak that it would take any steps necessary to make sure customers are protected and markets continue to function.
The FCA noted the increase in people using mobile banking, which of course helps prevent the spread of the virus as people stay at home, but it can mean customer’s data is more vulnerable. The FCA expects financial services companies like Tide to make sure customers can access services in a way that’s suitable for them – both online and over the phone. We’re here to help – if you’re a standard Tide member (with a free account) and you need telephone services, just let us know.
Take five to protect yourself
Take Five is an initiative by the Government and UK Finance to help prevent fraud. We can’t put it better than Take Five, who say:
“Criminals are experts at impersonating people, organisations and the police. They spend hours researching you for their scams, hoping you’ll let your guard down for just a moment. Stop and think. It could protect you and your money.”
Here are some ways to protect yourself from scams during the coronavirus outbreak:
- Stop and think
Always be wary of unsolicited emails and texts offering questionably good deals. Never respond to messages that ask for personal or financial details or click on links in emails you haven’t signed up to or were expecting. Delete suspicious messages or if your email provider has a reporting service, report them as ‘phishing’.
- Do proper research
Before you make a donation or buy anything related to coronavirus (for example, face masks, hand sanitiser etc), check out the company you’re paying. This is especially important if you were prompted to buy something through an unsolicited email or message.
- Don’t rush into anything
As well as researching your purchases, don’t rush into making an investment. Legitimate companies will never pressure you into making a transaction. Use the FCA’s register and warning list to check if a company is legitimate.
Banks and financial services providers (like Tide or your insurer) will never contact you out-of-the-blue to ask for financial details such as your PIN or to ask you to pay a fee or move money to another account. It’s fine to reject, refuse or ignore requests. Only criminals will try to rush or scare you.
If you think someone is trying to scam you or that you’ve been scammed, report it as soon as you can to Action Fraud to help prevent it happening to anyone else. If you think you’ve been a victim of fraud and have lost money from your Tide account, get in touch with us via the in-app chat. If you’ve lost money from a different bank account, call your bank using the number on the back of your debit or credit card.
As with coronavirus, digital threats from scammers can be prevented through good discipline. Take the time to think about your transactions and what you click on, and make sure everyone who shares your computer or accounts is aware of these measures to prevent fraud.
- Think you’re already scam-savvy? Try the Take Five test to find out if you could outsmart scammers: Quick quiz
- Want to know exactly what happens if you click on a fraudulent link?
Security firm Sophos has provided this clearly-written detailed breakdown.
- And if you’re interested to know how a Word document attached to an official-looking email can install malware that allows scammers to control your computer, read this report by Sophos about a recent email scam in Italy. (Warning: it’s quite technical but there’s a handy diagram near the bottom of the page.)