Fraud and phishing

Fraud trends from Covid-19

Published 19th May 2020

The UK Financial Intelligence Unit has published a guidance note on COVID-19 that sets out their recent observations about the rises in fraud.

They have also set out new Glossary Codes in relation to any COVID-19 suspicions, fraudulent use of Government Priority Schemes and fraudulent use of the HMRC Self-Assessment Tax Refunds system.

Areas identified

The press have covered a number of stories around the following areas:

  • Increase in new companies registered on Companies house with either COVID-19 or Coronavirus in the title.
  • Individuals impersonating the government, or HMRC, notifying the victim that they were due a rebate and requesting bank details to enable the payment.
  • The elderly continue to be targeted by fraudsters. The National Fraud Intelligence Bureau have received over 500 reports with approx. losses of £1.6m
  • Criminals are using scare-tactics to pressurise investors to move their investments – they claim that the pandemic provides time-critical opportunities. Information around the investment opportunity is often sparse.
  • Bogus companies are purporting to sell faces masks, hand sanitiser and other PPE but once the payment is made, the company disappears.
  • ICAEW reported in ICAEW Daily that online fraudsters have sent phishing emails targeting unsuspecting businesses claiming to be from HMRC chief executive, Jim Harra.
  • Social engineering whereby fraudsters impersonating high street banks persuade their victims to transfer funds to a new account following a ‘security breach’ and a change to normal  procedures as a result of COVID-19. Social engineering is where the fraudster has researched a particular victim via their social media accounts and other sources.
  • Bogus emails asking for a donation to tackle COVID-19, normally pretending to be from a charity which is assisting vulnerable people during the outbreak.

What to do if you think you are falling victim

Our advice is, as always, to be alert.

If it does not sound right then it is probably not.

If in doubt:

  • arrange to call them back, and use the telephone number you knew before.  If you do not have a telephone number, google it independently, ensuring the web address is correct.
  • ask them to put the details to you in writing.  If it is bona fide, then they will not have an issue with this.
  • if you receive an unsolicited email containing a web link, do not to open it.  But if you hover over it, the web address it is taking you to will appear, and see if you recognise it.
  • do not make any payments, or pass any card details, immediately. Call them back on a number you know.  Then make a payment only when you are confident that the request is bona fide.
  • if you get taken to a page which requires a password or username, and these do not automatically come up (when the normally do),this is a sign of a hoax website.
  • Contact us to discuss the positon
Fraud and phishing