Scams, fraud and cyber crime relating to the coronavirus pandemic
Unfortunately, there is a wide range of fraud and crime that can be undertaken online and on your doorstep during this period of social distancing and self isolation. Read our alphabetical list of scams, fraud and cyber crime. Be wary and be alert.
On your doorstep
If you know your neighbour, then ask a neighbour, but if you are not sure – don’t open the door. Contact CityLife line for help. This is coordinated jointly by the Council with the statutory sector. This Citylife Line is a safe way to get your essential supplies – food, prescriptions and hygiene products.
Do not pay anyone on your doorstep for the Covid19 vaccine.
Don’t enter your personal bank account details and don’t click on phishing emails that may embed malware software.
Five to Stop Fraud Take Five is a national campaign offering straight-forward, impartial advice that helps prevent email, phone-based and online fraud – particularly where criminals impersonate trusted organisations.
The NCSC has launched a Cyber Aware campaign to help the public stay secure on the internet. Read their top tips to tackle and protect you from the growing cyber threats. Included in this is a new suspicious email reporting service, helping the public to fight back against phishing. To find out more about this new service and for tips on the 6 most essential protective behaviours, visit their website.
If the worst happens and you are a victim of a scam or if you think you have been targeted contact Action Fraud – report Fraud & Internet Crime
Report phishing and scams
Law enforcement are currently aware of a credential harvesting email phishing campaign. The email indicates the recipient has files to view/download and requests that users login using their credentials to access the files.
At present, these emails are known to have come from compromised law firms, however it is possible that these emails could come from any organisation that has been compromised. The difficulty of spotting these emails is increased due to them coming from a legitimate source or known sender.
Be wary of emails asking you to login to any system to view/download files, consider:
- Were you expecting this email or has it come expectantly even if it is from a known sender?
- Has the user ever previously asked you to login to a system to view/download files?
- Are you able to verify with the sender by phone or in person that the email is genuine?
If you receive a phishing email you are reminded that you should follow your own organisations policies and procedures and that you may be required to notify your IT department. If you do not have an IT department you can forward phishing emails to email@example.com
If you have been a victim of a cyber-attack you are advised to report this to Action Fraud
Latest scams and fraud online
- EE Phishing email – do not click on email@moniquemol[.]nl
- Phishing email asking you to pay for a redirect/delivery of a DPD parcel.
- phishing email offering Bitcoin investments
- phishing email claiming to be from A-Z Pharmaceuticals
- Beware of internet domains impersonating Cleveland Police – if you are contacted by someone claiming to be from Cleveland Police, call them back through the 101 telephone number
- Easyjet customer details have been compromised – beware of any unsolicited communications from them
- android banking trojan bankbot – downloaded through downloading a symptom tracking app (but not through Google Play or Apple Store) called Covid Symptom Study or Covid 19.apk.
- Fake British Gas emails about outstanding payments and threatening further action
- Fake WordPress emails instructing recipients to do a DNS (Domain Name System) upgrade which is fake.
- Firefox Cisco Talos has issued a security notice for a vulnerability found in Mozilla Firefox web browsers. Successful exploitation can lead to sensitive information disclosure. Products affected include: Firefox version 76.0.2 x64 Firefox Nightly version 78.0a1 x64
- Vaccine – do not follow or click on suspicious text messages with a link to a booking site which mimics an NHS page, but asks for personal details including bank account numbers. Your GP will contact you.
Fake charity appeals and crowdfunders
There are many worthy causes to support at this time, but be sure you are sending your money to the right organisation and not a fraudulent account. Check with friends and check the Charities Commission website.
Be careful what personal information you post on Facebook and Instagram. Fraudsters trawl online platforms for data like name, address, email, phone number, place of work, health issues, date of birth. They use these details to target or impersonate people to commit fraud. Use CityLife line.
Gov.uk scams ignore text messages from the government claiming to be fining you for leaving the house.
Health information scam
Be suspicious of unexpected emails from the NHS and the World Health Organisation claiming to offer help and advice.
HMRC relief scam
Fraudsters are sending texts supposedly from HMRC offering relief money to help those in need.
Be suspicious of investments that sound too good to be true – even green or ethical investments. Check the company is on the FCA register.
Phishing email uses DocuSign to steal Microsoft credentials.
Microsoft Teams phishing software – this is a fake version of Microsoft Teams intended to harvest your data.
Online offers for vaccinations
Ignore online adverts for vaccinations. Currently there are no vaccines, medicines, creams or other medical products that can treat or cure Covid-19.
Please don’t buy pets over the internet. Always purchase from a reputable breeder and you should see the animal before you pay. Most offers at the moment are scams and the pet will not be delivered to you.
Safe video conferencing
Only download software from reputable brands such as Apple or Google Play or from the official website of the provider:
Skype at https://web.skype.com/ or https://www.skype.com/en/get-skype/ to download
Zoom at https://us04web.zoom.us/
- Make sure your password cannot be matched with your other passwords for email and apps.
- Set up 2 step authentication
- Make sure you know how a meeting is recorded so you can spot the signs
- Don’t post on social media – invite by email to keep the meetings private and avoid “bombing” (see below)
- Keep your software and devices up to date to maximise security
With the rise in the use of Skype there has been an increase in copies /themed applications that are not Skype. This enables malware to be planted on your computer. Malware is any software intentionally designed to cause damage to a computer, server or computer network. A wide variety of types of malware exist, including: computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software, and scareware.
Tesco fake emails
The email states that the supermarket is offering free vouchers during the coronavirus outbreak. The link in the email leads to a genuine-looking phishing website that is designed to steal login credentials as well as personal and financial information.
Don’t click on the links or attachments in suspicious emails and never respond to messages that ask for your personal or financial details.
Their emails come from firstname.lastname@example.org They will always include your name in their emails.
They will never:
- email you to tell you that you’re entitled to a refund
- offer you a discounted TV Licence
On their website they’ll never ask for:
- your card details to take a missed payment before we’ve first asked you to sign in to identify yourself using your licence number, surname and post code
- your mother’s maiden name
- your date of birth (unless you’re 74 or over and applying for a free TV Licence)
Find updated messaging on the TVL website tvl.co.uk/scam
Zoom and streaming bombing
There are numerous many examples of extremists seizing upon the Coronavirus pandemic as a vehicle to spread their hate, incitement and conspiracy theories. They are “bombing” video meetings. See video conferencing above.
How to report malicious accounts
To report and block a Facebook profile
- click on the … on the person’s cover photo and select Find Support or Report Profile
- then select the option that best describes the account
- click at the top right of Facebook and choose Settings
- click Blocking in the left side menu, select the person you want to block and click Block name
To report and block an Instagram profile
- tap … (iOS) or … (Android) in the top right of the profile. Tap Report and follow the
- tap … (iOS) or … (Android) in the top right of the profile. Tap Block/Unblock
To report a Twitter profile and to block a Twitter profile
- select the overflow icon on the profile you want to report …
- then select Report and select the type of issue you’d like to report
- click the more icon on their profile page …
- then select Block from the menu. Click Block to confirm
To report and block spam emails on Google/gmail
- on your computer, go to Gmail.
- open the message, and click report spam near the top of the page !
- on your computer, go to Gmail and open the message. In the top right, click More …
- click Block sender
Read our article on fraud and scams
Read bogus callers.
Last updated: August 12, 2021