With coronavirus comes a new wave of scams and all manner of misinformation, making small business owners vulnerable.
The aerospace, transport, manufacturing, hospitality, healthcare and insurance industries have already been targeted.
Action Fraud, a crime detection unit, has received 21 reports of fraud where coronavirus is mentioned. This may not sound like much, but over £800,000 has been lost so far.
Ten of these cases involved people attempting to buy masks from fraudulent sellers. One such victim lost over £15,000 for masks that were never delivered.
Other scams are more standard, seeing victims tricked into opening dodgy attachments and giving out personal information. Attachments can lead to websites promising a tax refund from the government or a donation page for people in need.
Predictably, some are exploiting money worries that small businesses are having at this time, like offering bogus loans. Their solutions demand upfront fees, pressuring victims to part with their money quickly.
Reports have been shared of WhatsApp messages telling you your bank is facing difficulty because of coronavirus. To protect your cash, they tell you to push it to a new bank account with alternative details.
Be aware that certain slimy fraudsters are using HMRC branding to try and dupe people into thinking their communication is from the government. That’s why the contents of the communication are so important. Often, emails and links will be littered with spelling and grammatical errors – that’ll be your first clue. Look at the email address of the person who sent it to you. If it’s from somewhere like a Hotmail or Gmail account, treat the email with suspicion.
The National Crime Agency said that it’s expecting an upsurge in phishing scams or calls ‘claiming to be from government departments offering grants, tax rebates or compensation.’
Be vigilant in avoiding these scams
Scams like these have been around for decades but have been adapted to different situations.
Remember the following quick tips to keep yourself and your business safe:
- Reject unsolicited offers, particularly ones that offer quick fixes
- Beware of social media ads or sponsored ads online
- Don’t click on links from senders that you don’t know
- Don’t give out personal details
- Research companies that you’re looking to buy from to make sure that they’re legitimate
- Have the latest software and app updates
- Monitor your bank statements regularly for any unusual activity
Check the Financial Conduct Authority’s Financial Services Register for the name of the business that’s contacting you. To be on the extra safe side, they have a warning list that you can check for companies that have been flagged by others.
The National Crime Agency also has this advice for businesses:
If you do get a request to move money into a new bank account, contact the supplier directly using established contact details like the phone number displayed on the back of your bank card.
Refine your processes for handling changes to payment details, like only letting certain employees deal with these changes.
Invoices, payment mandates and other documents which contain sensitive financial information should be stored securely and again, should only be available to those that need it to do their job.
If you fall victim, report it to Action Fraud and contact your bank immediately.
Employees working from home
Ensure your staff are aware of scams that they’re more susceptible to now that they’re working from home. For example, scammers tricking them into accessing their computer or handing over their login details, possibly posing as a fake IT team.
Encourage remote employees to take regular breaks to avoid making sloppy errors which could compromise security. One essential to pin down early is to make sure home their internet set-up is secure by creating a secure password for their router and enabling network encryption.
A National Cyber Security Centre (NCSC) spokesperson said:
“Cyber criminals are opportunistic and can often look to exploit current events and public concern.
“We strongly urge businesses and individuals to familiarise themselves with our guidance to reduce the risk of cyber attack.”