TechRadar reports on a phishing email scam that is underway to target business owners applying for the government’s Coronavirus Job Retention Scheme. With this, cyber criminals are exploiting the aid package using what is described as a “highly realistic bogus email”, purporting to be from the UK government tax agency HMRC.
In relation to the other issue, of general fraud, the BBC has highlighted how the UK’s National Cyber Security Centre (NCSC) has had to take action to remove more than 2,000 online coronavirus scams during one four week period. One such site carried the message: “Please send $250 worth of iTunes gift cards for essential lockdown supplies!” Other, however, are more subtle with the scam nature being harder to detect.
Delving into the matter for Digital Journal, Will LaSala, Senior Director of Global Solutions at OneSpan considers both issues.
HMRC phishing scam
LaSala considers the risks around phishing scams: “Despite the news late last week that Google were thwarting 18 million coronavirus emails a day, Coronavirus related phishing emails are still reaching our inboxes as hackers take advantage of the spike in email communication. ”
In terms of the consequences, her notes: “As a result, fraud attempts are likely to be on the increase, so banks and financial institutions need to be especially vigilant. They should invest in dynamic fraud solutions that leverage machine learning and advanced risk analytics to identify abnormal user behaviour in real time. Furthermore, solutions that are capable of automatically operating at a lower level of trust during times of increased risk are best suited to help banks and FIs respond to the fast-paced nature of fraud during events like the Coronavirus outbreak.”
NCSC activities
With the attempts to address illicit websites, LaSala says: “We’re unfortunately continuing to see attackers relentlessly exploit the ongoing pandemic to try and bait victims into falling for scams that can have devastating consequences, such as money being lost, personal details being stolen, or malware unknowingly installed. ”
He also offers the following advice to consumers: “Consumers should be wary of clicking on links within emails, should always check the senders email address, and should know no trusted organisation would ever ask them to part with money via email.”
LaSala also weighs in on the necessary preventive measures that institutions need to be putting in place: “To ensure their customers are protected, banks and FIs need to be especially vigilant, and invest in dynamic fraud solutions that leverage machine learning and advanced risk analytics to identify abnormal user behaviour in real time. Furthermore, solutions that are capable of automatically operating at a lower level of trust during times of increased risk are best suited to help banks and FIs respond to the fast-paced nature of fraud during events like the Coronavirus outbreak.”