NEWS Security

As COVID-19 forces a UK lockdown, what threats must we consider? How does it affect fraud, cyber threats and discrimination?

We have all no doubt seen the news reports about those taking advantage of the scared and vulnerable during this time. This is a very real threat that we must guard ourselves and others against. Here, in our fourth and final blog in our security series, we outline some of the risks to watch out for and how to avoid them.

FRAUD

The MHRA Enforcement team based in the UK and UK Border Force found 871,616 doses of unlicensed medicines valued at £2.6m. As a result, 294 websites and 1031 social media adverts online offering medicines illegally have had to be taken down.

As of 4th April, more than 500 Covid-19 related scams and over 2000 phishing attempt have been reported. The National Fraud Intelligence Bureau calculates total losses up to £1.6 million to those targeted.

Masks have also been advertised for extortionate prices and it cannot be guaranteed if they are rated to the standard required. One victim is said to have paid £15,000 for face masks, which as expected in hindsight, did not arrive.

The UK Government recently quoted in March 2020 that ‘..in the UK the MHRA Enforcement team and colleagues from UK Border Force found 871,616 doses of unlicensed medicines with a value of £2.6m and additionally took down 294 websites and removed 1031 social media adverts online offering medicines illegally.’

Our recommendations:

  • Don’t rush into replying to emails, SMS or social media links that ask you to reply with information. Challenge the content and assume it is fraudulent until you can prove it legitimate. Rushing you into making a decision quick or through a ‘bargain’ offer is a common tactic to persuading you to sign up to ‘their’ deal. If you do however click too quickly, and feel you have made a big mistake, don’t forget to contact your bank immediately.
  • Websites advertising outside of the legal supply chain may appear to be genuine, however they are breaking the law – and may end up with you becoming the real victim! Stick to your appointed doctor for medicines.
  • Take Five to Stop Fraud is a national campaign that offers advice to help everyone protect themselves from preventable financial fraud. https://takefive-stopfraud.org.uk/
  • The National Crime Agency has advice on specific fraud and scams during Covid-19. Including Online Shopping & Auction Fraud, Computer Software Service Fraud, Lender Loan Fraud, Pension Liberation Fraud, Investment Fraud and Mandate Fraud. https://www.nationalcrimeagency.gov.uk/news/fraud-scams-covid19

Action Fraud reporting can be accessed at https://www.actionfraud.police.uk/

 

CYBER & INFOSEC THREATS

There has been an increase in webpage registration relating to COVID-19. The National Cyber Security Centre have revealed a range of attacks are taking place online as cyber criminals seek to exploit COVID-19.  Criminals are taking advantage of the new cyber environment. The fact that more and more of us are working from home and dependent upon IT communications, means we are more vulnerable than ever before.

Divisive emails claiming to have important updates lead to devices being infected once opened.

Phishing attempts have occurred worldwide and are leading to loss of money and sensitive data.

Recently in the UK, COVID-19 -themed emails with infected attachments have been sent recommending ‘what to do…..’ in the case of the virus. These have been targeting specific sector to gain major impact and success. Another form of SMS phishing known as ‘Smishing’ is targeting phones through SMS using rewards tactics, usually government or NHS to click on a link.

Recommendations:

  • The public are being urged to follow online safety advice as evidence emerges that criminals are exploiting the Coronavirus online.
  • If work related, contact your business IT team immediately.
  • The NCSC, a part of GCHQ created to keep the UK safe online, is urging businesses and the public to consult its online guidance, including how to spot and deal with suspicious emails as well as mitigate and defend against malware and ransomware. https://www.ncsc.gov.uk/news/covid-19-exploited-by-cyber-actors-advisory
  • Additionally joint advisory from the NCSC and the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) is available here: https://files.constantcontact.com/3fc9e118601/1f8a59f2-eeff-4d13-bbbb-2f85ebe353a8.pdf
  • Enable multi-factor authentication wherever feasible, consider ‘trusted’ only VPN (Virtual Private Networks), ensure all your PC and mobile devices have anti-virus software that is current and can update regularly and ensure your own network at home is secure and password protected.
  • If a communication is offering you money, it is highly likely this is a scam that could end up with a loss of your own money.
  • Report to Action Fraud as soon as possible, any personal impact to phishing.

CPNI recommendations for Home and Mobile Working can be found at: https://www.cpni.gov.uk/content/home-and-mobile-working

The National Cyber Security Centre is offering advice about those that exploit COVID-19 against you:

 

RACIAL & SERVICE SECTOR TARGETING

Unfortunately there has been an increase in racism towards the Far East Asian community and also towards hospital staff and those working in emergency service sectors whose security passes are being stolen to gain advantage in food outlets whilst suffering abuse for being in close proximity to those carrying the virus. Those who are responsible for the duty of care for workers must be mindful of new and specific threats and ensure adequate lone-working and reporting systems are in place to report hate crime, abuse against staff and threatening behaviour.

We must all remember that in a time when society has come together to help each other and safeguard lives, there are always those who will take advantage. Coming together to tackle these threats is just as important. Stay safe.

John Green is Head of Security Consultancy for Hilson Moran

Hilson Moran @HilsonMoran

This site uses cookies to ensure the best user experience. Read More

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close