Cifas highlights upward trend in malicious phishing and bitcoin fraud episodes

There has been an increase in fraudsters purporting to be from the World Health Organisation (WHO) e-mailing and texting the public asking them to donate money using bitcoin to their COVID-19 Solidarity Response Fund. The WHO does have a legitimate fund by this name, and impersonators are also using the fake address ([email protected]) to make the fraud look more realistic. Cifas is warning potential donors not to send money by bitcoin and to never make donations by e-mail. Instead, payments should be made directly through the WHO website. 

A number of ‘COVID-19 quizzes’ are currently circulating on social media claiming to test a person’s knowledge about the pandemic. The quiz is designed to extract personal information and includes questions unrelated to the pandemic such as mother’s maiden name, family information and names of pets, and also asks for e-mail addresses and telephone numbers.

Cifas is reminding the public never to provide personal information to anyone as it can be used by fraudsters to commit identity fraud.

As a direct result of a large number of music concerts and festivals being cancelled or postponed, many DJs are taking to Facebook, Twitch and Twitter to stream events. During these live streams, fraudsters are using ‘liked’ tracks to hide infected files which, when clicked on, download malware or infected files.

Consequently, Cifas is warning people to avoid clicking links during live streamed events. They should only download music or stream music from trusted sources such as Spotify or Audiomack.

The number of Coronavirus-related bulk domain registrations is on the increase. Linked to many of these registration sites are fake Coronavirus surveys or symptom trackers. These sites seek to harvest personal information and/or inject malware into computers. Cifas is reminding the public to be cautious when visiting sites seeking to record personal information, and to only use legitimate services backed by the Government and medical organisations.

Coronavirus Job Retention Scheme phishing e-mails

Business owners have recently been targeted by e-mails purporting to be from the CEO of HMRC. Under the heading ‘HM Revenue & Customs’, the e-mail is asking for the bank account details of the recipient to assist them in making a claim through the Coronavirus Job Retention Scheme.

Cifas is advising business owners to be suspicious of texts, e-mails or calls purporting to be from the Government and offering financial help or tax refunds. Owners and directors should visit GOV.UK to check out how genuine schemes operate.

In addition, research has revealed a 600% rise in the number of phishing e=mails delivered worldwide using Coronavirus-related themes.

Anyone that has received a suspicious e-mail can report it to the Suspicious E-Mail Reporting Service: [email protected].

Amber Burridge, head of intelligence for Cifas, explained: “Fraudsters are always quick to spot new opportunities. Many are now using the Coronavirus pandemic to prey on people’s fear and uncertainty to obtain money and personal information. If you do receive a request for money or information and you cannot confirm it's legitimate, then don’t be afraid to challenge it. The advice is to stay vigilant and remember that criminals are changing their tactics on an almost daily basis. The scams you are seeing today will likely not be the ones you’ll see tomorrow.”