Scam warning around Government COVID-19 packages
People and businesses seeking financial support from the Government to see them through the COVID0-19 shutdown have been warned to beware of a new breed of email scams.
Fiona Fernie, a partner at tax and advisory firm Blick Rothenberg said that within hours of the UK Government’s Coronavirus Job Retention Scheme (CJRS) becoming available to applicants, there was significant activity by cybercriminals trying to cash in.
This was in the form of emails that purported to come from the Government, suggesting that HMRC needed bank account details into which the grant should be paid.
She explained: "The wording most commonly used to date is ‘Dear customer, we wrote to you last week to help you prepare to make a claim through the Coronavirus Job Retention Scheme. We are now writing to tell you how to access the COVID-19 relief. You will need to tell us which UK bank account you want the grant to be paid into, in order to ensure funds are paid as quickly as possible to you’."
Ms Fernie added: "Most scams focus on obtaining the banking details of the recipient, either by suggesting they can claim some kind of financial benefit from following the instructions in the correspondence (for example a tax refund to help protect themselves from the Coronavirus outbreak, a goodwill payment from HMRC or a large sum of money in return for a set-up payment), or that they have a ‘fine’ to pay as a result of some misdemeanour, such as leaving the house more than once a day during lockdown."
Emails and text messages purporting to come from Government or HMRC officials were designed to lure the recipient into precipitate action before thinking carefully about the substance of the message.
However, "People should be aware that neither HMRC specifically nor Government more widely communicates with individuals either by email or by text, unless you have signed up to the relevant protocol with them. Certainly, payments that can be claimed by taxpayers or fines that can be imposed are not dealt with in this way.
"The communications are designed to look entirely legitimate and as well as using official logos, fraudsters change the ‘display name’ on their email address to only show the name of the body they purport to represent. They are very clever.
"It is imperative to treat any email or text apparently received from an official body with extreme caution – if you are taken in it could be a very costly mistake."
Ms Fernie commented that WhatsApp or social media messages are also used by cybercriminals and should be treated with similar caution.
Apart from not replying to such messages, clicking on any links or providing any financial details, she advised people that if in doubt about whether an email or text is genuine, they should click on/hover over the ‘display name’ email address from which they received the email. This would show the full details of the sender and make it clear whether the email was from a genuine Government or HMRC source.
"If you are in doubt about the source of one of these messages which appears to be from HMRC, forward it to them. You can do this via email at phishing@hmrc.gov.uk or via text at 60599 (network charges apply) and then delete it.
"In addition, the National Cyber Security Centre (NCSC) has recently launched a reporting service urging the public to forward any questionable emails to report@phishing.gov.uk. The NCSC’s automated scanning system then checks them, and immediately shuts down and removes criminal sites."
But there are other scams which may be less easy to spot, such as fake online shops selling personal protective equipment items – and the sites for some of these also distribute malware which damages the computer systems of those who visit the sites.
Even charities are at risk, as some have been contacted by fraudsters claiming to be from an organisation able to provide helpful information such as a list of "at risk" elderly people in the community who may require support from the charity. The recipient is then directed to click on a link leading to a fake website or a request to make a cryptocurrency (such as bitcoin) payment, to enable release of the information.