Fraud is spreading fast
- Fraudsters are always looking for new opportunities to target your business – and during coronavirus (Covid-19) is no different.
- There are a number of coronavirus-related scams and malware campaigns in the UK, which are designed to encourage you to give away sensitive banking and personal information, or download malicious files onto your personal or work devices.
- From spotting scams and suspicious messages, to invoice and impersonation fraud, here are some simple steps to help keep your details and your business safe.
Be extra vigilant if you receive emails, texts, calls or letters claiming to be from, or containing links to, these organisations:
- Centers for Disease Control & Prevention (CDC)
- Global Health Centre
- Organizzazione Mondiale della Sanità (OMS)
- Shipping company customer service teams
- Updates from presidents of corporations
- World Health Organisation (WHO)
You should also take care if you get any emails that mention coronavirus (Covid-19), especially if they also reference:
- A link for an app that tracks the virus using an interactive map
- Business working conditions or policies
- Campaigns raising money for research into cures, or funds for victims
- Information about hospitals in affected areas
- Mortgage repayment holidays or rent relief
- Parcel shipping cancellations
- Refunds from airlines or entertainment bookings
- Money transfer requests for victims trapped abroad
- Services who claim they can diagnose coronavirus
- Tax refunds from gov.uk
- Websites where you can buy coronavirus masks, test kits, sanitiser gels or protective equipment
Ways to stay safe
- If you get an email like the one we’ve described above:
- Don’t click on any links or download or open any attachments
- Don’t enable macros in any attachments
- Don’t enter or provide your personal information, bank details, usernames or passwords
- Don’t forward it to colleagues or reply to it
- If you get a message that looks relevant to something you’ve bought or a service you use, it’s still best not to reply, but contact the company claiming to have sent it via a different method that you’re confident is secure – like a phone number or email address shown on its official website.
Fraudsters will be looking for opportunities to exploit any vulnerabilities in your processes while your staff are working remotely. Make sure you and your colleagues stay vigilant, wherever they are working from.
If your teams are using their own devices, remind them of best practices such as keeping their software up to date, using secure Wi-Fi and running anti-malware and anti-virus software. If your business is able to, you and your colleagues should consider the use of a virtual private network (VPN).
Make sure that any urgent or unusual payment requests – including changes to the details of a beneficiary – are checked on a known and trusted number before making the payment. Even if the request appears to come from a contact within your own company, it’s still important to check first.
Remember that your bank may ask you for some information, but will never ask for your full password or PIN, provide you with details to make a payment, or request that you grant them access to your systems or PC.
If you get an email or text that claims to be from us but looks suspicious, please get in touch via our usual channels.