As the Coronavirus pandemic grips the world, large numbers of people are working remotely, and most individuals are increasingly making transactions online. Fraudsters are taking the opportunity to capitalise on the disruption to defraud businesses and individuals.
To underline the scale of the problem, a recent article in The Guardian reported that in the UK, there have been over 500 Covid-19 related scams and over 2000 phishing attempts reported to date, with total losses reaching £1.6M.
At Fexco, we value the health and wellbeing of businesses and individuals and would like to alert you to some of the scams circulating amidst the Covid-19 outbreak:
- Invoice redirection
- Fake suppliers
- Counterfeit goods
- Coronavirus ‘advice’ emails and messages
- Ransomware attacks
- Hijacking and hacking of communication platforms
1. Invoice redirection
This scam had been in circulation long before the coronavirus outbreak, but fraudsters are taking advantage of the current uncertainty, hence the escalation in this type of fraud.
Invoice redirection fraud occurs when a business receives a fraudulent email claiming to be from an existing supplier, advising of new bank details for payment.
Police and fraud prevention agencies are warning of an upsurge in invoice redirection, advising businesses to be vigilant if requests to make payment to alternative banks and accounts are received.
In a recent incident in Ireland, Gardai revealed that a woman was tricked into transferring €30,000 by fraudsters pretending to be her husband.
The scammers requested the transfer of money by email to an account in Germany. Believing the instruction had come from her husband, the woman transferred the large sum of money, only to later discover it had been a scam.
- Always ring an existing supplier on a confirmed telephone number to make sure any request of this nature is legitimate.
- If in doubt, never reply to an email and under no circumstances should you click on any link contained in the email.
- Make it a habit to look out for typos and general poor composition in emails.
- Talk to your payments provider who will advise on further preventative measures to take.
2. Fake suppliers
Fraudsters are only too aware of the massive demand for healthcare products during the Covid-19 crisis. When supply chains are disrupted, many businesses will seek new suppliers to meet demand.
Fake websites and social media accounts are being set up by fraudsters, advertising the sale of face masks, ventilators, hand sanitisers, home cleaning products and even food.
Capitalising on the extreme demand for these products, fraudsters will offer product in bulk and charge handsomely for the service. These scam online retailers take the money – as well as personal information – and never deliver the goods.
RTE recently reported that a European business seeking to purchase alcohol gels and protection masks was conned out of €6.6m. The money was transferred to a company in Singapore following receipt of a fraudulent email offering the service. The goods never arrived.
On 14th April 2020, a BBC report outlined how fraudsters actually cloned a legitimate website of a Dutch company and conned a German firm into ordering 10 million masks valued at approx. €15M. The fraudsters then put the German company in touch with an Irish ‘intermediary’.
A down payment of €1.5M was paid to a bank account in County Roscommon for masks that were not delivered. The German buyers only realised a fraud had occurred when they were told by the legitimate Dutch company that no order had been placed.
- You should always deal only with a reputable supplier and purchase based on previous experience.
- Carry out extensive research on any new suppliers, calling numbers provided if necessary and using business registration sites for proof of legitimacy.
- Talk to your payments provider about risk and fraud prevention measures. Reputable providers will have compliance and regulatory measures in place to combat supplier fraud.
3. Counterfeit goods
Similar in nature to the second scam on our list, the surge in counterfeit goods, particularly medical equipment, is a real concern.
Risk management company Digital Shadows revealed that counterfeit surgical masks are being sold on dark web marketplaces. Cybercriminals who normally sell illicit drugs and hacking equipment on these platforms are now turning to the sale of counterfeit goods, fully aware of the profits the huge demand will bring.
A recent Sky News report revealed that a company in Ukraine claimed to be able to manufacture 200,000 masks every two to three weeks. One can only imagine the quality of the masks if these production rates were genuine.
- Be aware of outlandish claims around manufacturing rates.
- Always think quality over quantity. If something sounds too good to be true, it usually is.
- Most importantly, do your research and purchase only from reputable sources.
4. Coronavirus ‘advice’ emails and text messages
Criminals are seeking new ways to profit from the misery of a global pandemic. There has been an inevitable rise in the number of phishing and smishing attempts recently as fraudsters prey on the sensitivities of a concerned public.
Typical scams involve the sending of emails and texts, claiming to be from a government or medical organisation and requesting the receiver to click on a link or download an attachment. The mail or text will use language that conveys urgency and claim to offer breaking news or advice on Covid-19. You may also be asked to provide bank account or login details.
The goal of this scam is to trick the receivers into sharing personal, financial or security information. Malicious software can be installed on your device allowing cybercriminals to take control of your computer, logging keystrokes or accessing personal or financial information.
So, what might a coronavirus phishing email or text look like? In the US, phishing emails are currently being designed and sent by cybercriminals to look like they’re from the U.S. Centers for Disease Control.
The emails falsely claim to link to a list of coronavirus cases in your area and receivers are instructed to click the link, go through the list and take safety precautions. This is basically an attempt to lure the unsuspecting receiver into providing personal information that can be used to commit fraud or identity theft.
- Never respond to emails with your personal data.
- Covid-19 themed emails looking for your login details, bank account number or other personal information are scams. Legitimate government agencies do not request such information by email.
- Sometimes the link to a web address may be obviously illegitimate. Hover the mouse over the URL to reveal its full destination. Also be aware that fraudsters are adept at replicating legitimate email addresses, with letters altered or occasionally missing. Delete the email.
- Phishing emails are unlikely to use your actual name and will be generic (Dear sir/madam) when greeting. Delete the email.
- Spelling, grammar and punctuation errors are a giveaway and it is likely the email is a phishing attempt. Delete the email.
5. Ransomware attacks
Another unfortunate but increasingly common Covid-19 related cybercrime is the ransomware attack, carried out with the sole aim of extorting payment.
What makes the current round of ransomware attacks most insidious is the fact that hospitals have become primary targets for cybercriminals exploiting the coronavirus crisis and threatening to hold these institutions to ransom despite the lifesaving work they are carrying out.
The threat is extremely serious and could have devastating consequences if key acute hospitals are effectively locked out of their core IT systems.
Cork-based cyber protection firm Smarttech247 has echoed the advice from Interpol, warning hospitals and other health organisations battling Covid-19 to be on guard against cyber-attacks.
In a recent Irish Independent article, Raluca Saceanu, General Manager at Smarttech247, commented:
“Cyber criminals had previously been reluctant to target medical institutions during the crisis. However, these are often ruthless individuals driven by profit at any cost.
“Our security operations centres have noted a significant spike in so-called ‘brute force’ attacks, as well as ransomware attempts in the past three weeks.”
The COVID-19 pandemic has made organisations like hospitals, governments and universities, more conscious about losing access to their systems and more motivated to pay the ransom.
As remote working has become the new norm, a ransomware attack on your business would cause more disruption than under normal circumstances.
- As always, do not click on links or download attachments within unexpected or suspicious emails.
- Always back up the data on your computer, keeping one copy offline.
- Ensure that your security system and operating system are up to date.
- Make sure to only download official versions of software from trusted websites.
6. Hijacking and hacking of communications platforms
As large numbers of organisations and individuals turn to communications platforms to facilitate online meetings, cybercriminals are looking at ways to hijack these by exploiting any vulnerabilities including unsecured passwords and unpatched software.
Platforms such as Zoom and Microsoft Teams are seeing a steady increase in use as businesses and individuals turn to video conferencing to stay connected during the coronavirus pandemic.
The UK’s National Cyber Security Centre (NCSC) has reported that phishing emails with attachments naming the likes of Zoom and Microsoft Teams are being sent to try to trick users into downloading malicious files.
US cyber security firm Check Point reported that there has been a sharp uptick in “Zoom” domain name registrations recently with researchers identifying that at least 70 domains registered within one week in April were being used for malicious purposes.
In a more worrying development, Check Point also discovered many “.exe” files with Zoom in the file name. Running these files installs malicious software that opens up the unsuspecting user’s device to further attack.
Unfortunately, these attacks are not just confined to Zoom. Many files with Microsoft Teams in the filename have also been discovered, revealing that hackers are also spreading their operations across several other video conferencing platforms.
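One way a mail administrator could automate the two checks described above, spotting sender addresses with letters altered or missing and spotting unknown domains that borrow a conferencing brand name, shown as an added example that is not part of the original article. The allow-list, the keyword list, the edit-distance threshold of 2 and the sample addresses are all assumptions constructed for illustration.

```python
import re

# Constructed allow-list (assumption): domains your organisation really deals with.
TRUSTED = {"zoom.us", "microsoft.com", "acme-supplies.example"}
# Brand keywords (assumption) that deserve a second look in an unknown domain.
BRANDS = {"zoom", "teams", "microsoft"}
MAX_EDITS = 2  # assumption: at most two changed/missing letters counts as a lookalike


def edit_distance(a, b):
    """Levenshtein distance using the standard two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def sender_domain(from_header):
    """Return the domain of the real address; the display name is ignored."""
    m = re.search(r"@([A-Za-z0-9.-]+)>?\s*$", from_header.strip())
    return m.group(1).lower().rstrip(".") if m else None


def classify(from_header):
    """Classify a From: header value against the allow-list."""
    domain = sender_domain(from_header)
    if domain is None:
        return "unparseable"
    if domain in TRUSTED or any(domain.endswith("." + t) for t in TRUSTED):
        return "trusted"
    for t in sorted(TRUSTED):
        if edit_distance(domain, t) <= MAX_EDITS:
            return "lookalike of " + t
    if any(b in domain for b in BRANDS):
        return "brand keyword in unknown domain"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample headers, not taken from any real message.
    for h in ['"Accounts" <accounts@acme-suplies.example>',
              "IT Desk <it@zoom-meeting-update.example>",
              "support@mail.zoom.us"]:
        print(h, "->", classify(h))
```

A "lookalike" or "brand keyword" result is a prompt to verify the sender by phone on a confirmed number, not proof of fraud.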
Many videoconferencing products include security settings that can prevent hijacking. However, it’s often left to users with no security training to configure these settings.
There are many reference guides out there that offer good advice on protecting you and your colleagues when using videoconferencing.
Check out this LinkedIn list from Gabriel Friedlander about securing your meetings on Zoom when working from home.
Stay informed: useful resources
About Fexco International Payments
Fexco International Payments provides global payment solutions to businesses and individuals. All clients making payments are screened and beneficiaries are checked against international blacklists. In 2017 we became the first Irish Payment Service Provider to receive the esteemed ISO 27001 Certification in recognition of our standards, processes and continued innovations when it comes to securely managing the information of our clients.
If you have an international payment requirement or would like to find out more about how our team combats payment fraud, talk to us today on:
Ireland: 1800 246 800
United Kingdom: 0800 840 2887