CURRENT COVID-19 FRAUD RISKS
- Payment diversion / mandate fraud
- Identity fraud
- Misinformation campaigns (esp. ‘cure’-related)
- Malware attached to coronavirus trackers
- Online shopping fraud (esp. pets who the fraudsters claim are in quarantine)
- Investment fraud
- Pension liberation fraud
- Data breaches (esp. unsecure video conferencing systems and failing PCI DSS)
- CEO fraud
- Phishing emails (generally)
ANTICIPATED AND/OR EMERGING ISSUES
- Spread of misinformation about coronavirus cures. For example in the Middle East an email purporting that methanol is a cure led to at least 700 deaths.
- Government support scheme frauds (incl. business interruption and the small business fund).
- Serious Organised Crime Groups using COVID-19 as a hook for future frauds.
- Increases in pension and investment frauds linked to the economic recovery.
- Phishing emails related to the Self-Employment Income Support Scheme (SEISS).
- Bogus claims for the CV Job Retention Scheme (CJRS).
SOME SIMPLE PREVENTATIVE TIPS …
- Suspicious emails should be sent to the NCSC at email@example.com
- Fraud Advisory Panel helpsheet on invoice fraud. Available here.
- The ICAEW IT Faculty is running a free webinar on 12 May on ‘five steps to cyber hygiene for the smaller firm’ which will include the latest COVID-19 guidance from the National Cyber Security Centre, available here.
- When using video conferencing platforms:
- Use additional security (such as 2FA)
- Do not share confidential information
- Follow Zoom guidance on best practice
- Follow the NCSC best practice guidance