Criminals are exploiting Covid-19 to target victims, says a financial services trade body that says it has seen a sharp rise in impersonation scams in the first half of 2020.
Impersonation scams occur when the victim is convinced to make a payment to a criminal claiming to be from, typically, the police, a bank, a utility company, or a government department. There were almost 15,000 impersonation scam cases reported by UK Finance members between January and June, an increase of 84 per cent compared to the same period last year. Among these, some 8,220 cases involved criminals impersonating the police or a bank, a year-on-year rise of 94 per cent. Another 6,730 cases involved fraudsters imitating other trusted names such as a utility company, telecommunications service provider or government department, an increase of 74 per cent.
Some £58m was lost to impersonation scams in January to June, a rise of three per cent on the previous year. This was split between £36.7m lost to bank and police impersonation scams; and £21.2m lost to scams impersonating others. Scams involving the criminal impersonating a bank or the police often begin with a phone call or text message claiming there has been fraud on the victim’s account. The customer is then convinced that to protect their money they must transfer it to a ‘safe account’ which actually belongs to the fraudster. Other common scams involve text messages or emails claiming a victim must settle a fine, pay overdue tax or return a refund that was given by mistake.
Intelligence reported to UK Finance suggested the rise is partly driven by Covid-19; including, fraudsters sending emails or text messages pretending to be from government and offering grants related to Covid-19. Criminals may also get in touch claiming to be from an airline or travel agency, offering refunds for cancelled flights or holidays. Or, criminals are exploiting remote working, by posing as IT departments or software providers and claiming that payments are needed to fix problems with people’s internet connection or broadband, or asking for remote access to the victim’s computer.
Comments
Katy Worobec, Managing Director of Economic Crime at UK Finance, said: “Criminal gangs are ruthlessly exploiting this pandemic to commit fraud, so it’s vital we all work together to beat them. We are urging the public to remain vigilant against these vile scams and remember that criminals are experts at impersonating people, organisations and the police. Fraudsters will spend hours researching their victims, but they only need you to let your guard down for a minute.
“Always take a moment to stop and think if you receive a request to make a payment from someone claiming to be from an organisation you trust. Instead, contact the company or organisation directly using a known email or phone number, like the one on their official website.”
UK Finance points to the Banking Protocol, a scheme that allows bank branch staff to alert police to suspected scams and which prevented, the trade body reports, £19m of fraud and led to over 100 arrests in the first half of this year. On the protocol, however, Gareth Shaw, Head of Money at the consumer campaign group Which?, said: “The banking industry recognises that these are sophisticated scams, with fraudsters often using meticulous research to convincingly impersonate representatives from trusted organisations and cheat people out of sometimes life-changing sums of money.
“While it’s important that people are alert to these threats, banks have a critical role to play in protecting customers from the scams that they are usually better placed to spot. Sadly, innocent victims who have lost money to bank transfer scams all too often face a lottery when they turn to their bank for help.
“A voluntary approach to tackling bank transfer fraud has failed. Banks, regulators and government must work together to make the code mandatory and ensure that strong standards on reimbursement are introduced.”
For the police, Commander Clinton Blackburn, from City of London Police, the lead force for fraud which runs the much-criticised Action Fraud, said: “Banks are often the first point of contact when someone is about to fall victim to fraud, so the banking protocol is a vital way of protecting vulnerable victims and preventing criminals from taking advantage of them. Having a system in place where an immediate police response can be generated to a suspected fraud, allows officers to gain vital evidence and increases our chances of catching the criminal in person, or following the money trail right to their door.”
However, ever since lockdown in March, the national (though no longer Scotland) reporting line for such fraud, Action Fraud, has said on its website that its contact centre is ‘providing a reduced service’.
Separately, the City of London force has reported that it received 3,916 reports of cybercrime during the first month of lockdown. These reports equated to £2.9m in reported losses, an increase of almost 72 per cent, compared to the previous month.
What to do
UK Finance warns that criminals may research their targets first, using information gathered from other scams, social media and data breaches to make their approach sound genuine. They will also often try to rush or panic their potential victims into making a payment, for example by claiming their money is at risk or their account will be blocked unless they act. Something else to beware of is that the scammers may be spoofing phone numbers so that they appear to be ringing from somewhere you trust.
Customers can report suspected scam texts to their mobile network provider by forwarding them to 7726, and forward any suspicious emails to [email protected], the National Cyber Security Centre’s (NCSC) suspicious email reporting service. Suspicious emails claiming to be from HMRC should be forwarded to [email protected] and texts to 60599.
Other scams may see those targeted – typically, the elderly and vulnerable – persuaded to take out a sum of cash and hand it to a fraudster posing as a courier. In safe account scams, the victims are told their money isn’t safe in the account it’s in and needs to be transferred – to the scammer.
