Fraudsters will always make use of a crisis, and they have done just that with coronavirus.
Fraud cases have been on the rise since coronavirus began its spread across the world as millions have now switched to working from home. In the UK alone, authorities removed more than 2,000 online coronavirus scams last month alone, including 471 fake online shops that were selling fraudulent virus-related items, the BBC reported.
The barriers between home and work life have blurred, and people’s guards are down, said Peter Yapp, a cyber security partner at Schillings, a UK-based international reputation and privacy consultancy.
“Many people get up, get dressed, and they go into an office. They know how to behave in that office environment, and they have infrastructure and people around them,” he said. “But now you've lost all of that, and I think people's guard is down. And I think that's why we’ve seen a huge spike in coronavirus-themed frauds.”
Fraudsters, used to working from home in this type of environment that many of us are adjusting to, began constructing websites and phishing emails from the get go of the crisis to dupe people out of money.
Once the money is gone, it’s incredibly difficult to get back and recovering funds is unlikely. Just 15 percent of stolen funds across remote banking channels were recovered in 2019, according to a UK Finance report.
Yapp spoke to Al Arabiya English about what signs to look for to avoid being scammed, how individuals can best protect themselves, and what to do if personal information is compromised.
Q: What are some common or emerging scams, and what should people be on the lookout for right now?
There have been particular scams that have used the World Health Organization and the Centers for Disease Control and Prevention in the US as a cover. The phishing emails have had those themes, and sometimes they’re just asking you to click on a link and that will download malware, ransomware, or a backdoor.
People want to know about the latest cure or when a vaccine will be available, and fraudsters are capitalizing on this. There are also fake products being offered, and it’s all the things people are desperate for like face masks or hand sanitizer, vaccines, or testing kits. They’re not available to the general public, but people want these products and will sometimes fall for the scam.
Sometimes they’re just after money, and they can get people to donate to what looks like a charity through bitcoin or other types of electronic payments.
Q: Is it primarily business or personal fraud that is increasing?
It is both, and these fraudsters are just spreading out lures, like phishing emails, to see where they drop. It doesn’t seem like there’s a lot of targeting, so they can get businesses in the same way they can get individuals.
Q: What are some of the best tips to kind of avoid getting scammed and to protect yourself?
My top line really is, if it looks too good to be true, it probably is.
I know that’s very difficult to balance in the current environment. Don’t fall for any unsolicited approaches by text, email, or phone call.
Two red flags are people who say you can’t call them back, or if they try to force you to make a quick decision. A lot of fraudsters rely on the fact that you have to react quickly, and this should be resisted.
You can also cross check details. If the website only shows mobile phone numbers or PO Box addresses, be suspicious. It’s possible it’s not a genuine business.
A lot of this is done through email, so try to verify the email account, especially if you’re doing it on your mobile phone. The email addresses will be incredibly close, sometimes it will be as simple as a hyphen added to what the organization’s actual email address is.
There are also frauds popping up that promise a high return on investment, and you’re told it’s low-risk; that’s also probably fraud.
Q: What about protecting information so it’s less likely that people can gain access to your information?
There are some standard things that you that will protect you, not just now but into the future as well.
Your main email account, whether business or personal, is key, so you should think about multi-factor authentication and a strong password. “Three simple words” is a trick that I use for password creation.
If you pick three random objects or random words and put them together, it actually becomes quite easy to remember. And using words makes it quite long and quite difficult to break.
Q: Any tips for protecting your bank account?
For some of these frauds, it’s possible within many banking systems at the moment to just give sort codes and account numbers, and the name of the account isn’t checked. And because of this, people send emails saying “We've changed our bank account, please transfer the latest invoice into this new bank account,” and it may look perfectly legitimate.
They’ve often managed to get into the email system of one side or the other to make it look very genuine.
Just go back to the old way of doing things, and pick up the phone and call to see if that’s correct. It's a simple way of making sure that you're not transferring money into a fraudster's bank account.
Q: In the case that you do give out your personal information, what do you need to do?
If you give out personal information, but you haven’t been defrauded, then you should change your passwords, and you should be super aware. Monitor your bank account for missing deposits or any irregularities.
Q: And in the case of fraud, what are things that the authorities and banks can and can’t do to help you retrieve those funds?
The key to this is to act extremely quickly. As soon as you know money's gone to the wrong place, get to your bank and law enforcement straightaway. They might be able to stop the payment, or they might be able to trace it if you do something quickly enough.
Some banks have schemes for repaying some of this money if you haven’t contributed to your own downfall. There are legal measures as well, so you can go to your lawyers and try to recoup some of your losses.
Law enforcement can be slow to act, and because of scarce resources, they may not take on cases unless a certain monetary value has been lost.
Read more:SHOW MORE