Amidst the COVID-19 outbreak in the UK, many of us are concerned about what will happen next. However, many scammers see it as an opportunity to profit.
There's been a 400% rise in fraud related to COVID-19 in March according to Action Fraud. Between 1 February 2020 and 18 March 2020, Action Fraud has received 105 reports from victims of COVID-19 related frauds, with losses totalling close to £970,000.
We are sharing six of the many on-going scams in the UK. We would like to urge you to read the document and avoid yourself and your family falling victim to phishing scams.
1. HM Revenue & Customs (HMRC) - COVID 19: Tax rebate
The email has been issued in various formats. Do not reply to the email and do not open any links in the message.
2. HMRC – COVID 19, SMS scam
- Goodwill payment SMS: This is an example of the SMS scam: ‘As Part of the NHS promise to battle the COVID- 19 virus, HMRC has issued a payment of £258 as a goodwill payment. Follow link to apply.’.
- ‘£35 fine’ SMS: Do not reply to the SMS or call the phone number listed.
3. COVID 19 holiday refund scam:North Tyneside Council and a couple of other councils have also raised the alarm about several shady schemes including fake holiday refunds for individuals who have been forced to cancel their trips. Please, do not click on any such links or attachments.
4. Department for Education- Free meals scam:Many parents have received an email stating the following message: ‘As schools will be closing, if you’re entitled to free school meals, please send your bank details and we’ll make sure you’re supported’. This is a scam email.
5. Fake communication from local councilsSome councils have issued a warning about a scam message offering residents a payment “as part of its promise to battle COVID 19”. The link takes you to an official- looking (but fake) gov.uk page that asks you to enter your card details, including your security number.
6. Phishing attacks against businessesRecently, Sky news came across a copy of an email scam sent to several organisations that pretends to be from each firm's internal IT team. The email - which has the subject "ALL STAFF: CORONA VIRUS AWARENESS" - tells employees that "the institution is currently organising a seminar for all staff to talk about this deadly virus", and asks them to click on a link to register.
The link takes anyone clicking on it to a third- party website disguised as an Outlook web app. Anyone who fills in that form ends up giving their details to the hackers.
Key points that will help you in identifying phishing/fraudulent emails
So, what can you do to protect yourself against scams and misinformation? Broadly the things to watch out in emails and other messages are:
- Assume that all emails about financial matters are a scam unless you are absolutely sure that they are legitimate. Avoid clicking on links, downloading attachments or providing any personal information.
- All government websites start with https://www.gov.uk/ For more information on scams, how to avoid them and protect yourself visit the Financial Conduct Authority.
- Your bank or the police will NEVER ask you to transfer money or move it to a safe account.
- For corporate incidents, notify the IT incident team by sending the spam email as an attachment.
- No legitimate organisation will contact you from an address that ends ‘@gmail.com’, not even Google.
- Check if the domain name is misspelt. Look out for extra digits or letters in URLs and email addresses. Sender’s email address should exactly match the domain of the company they claim to represent. For example, verified email should be from email@example.com and not firstname.lastname@example.org or email@example.com
- Spam email subject or body usually contains poor grammar or spelling errors. Beware if you are addressed impersonally or oddly
- Never click on links which asks you to verify/update personal or sensitive information. Hover over the link before clicking it. This will show you the actual address of the link
- Do not open attachments unless you are confident that it is from a genuine source. Even then beware of anything suspicious
- Check for https in the URL and security padlock for security certificate
- For shortened URLs, enter shortened bit.ly URL in browser with + at the end. This will give you information about the site that the shortened link refers to.
- Cross-check emails which are reported by mailbox (Gmail/outlook) service provider as unsafe.
- Check if the message creates a sense of urgency, warnings, offers or threats. To check the authenticity of an email, please research about the claim/benefit/rebate that the email sender seems to be claiming about. For example - if an email states that Department of Work and Pensions (DWP) is offering you a rebate against non-consumed food meals, please go on DWP website and search for relevant information or policy.
If you think you’ve already been the victim of a scam - read our suggestions on what to do next.
Important: This content is for guidance and educational purposes only and is generic in nature. Salary Finance Limited (trading as Neyber) does not offer regulated financial advice. Please seek independent financial advice.