Cyber Exposure increased during Covid-19 lockdown

Covid-19 brings its own unique challenges to our businesses and amplifies existing Cyber threats. We are all rightly so distracted by the major global pandemic. Our businesses have had to react quickly and put into place new practices such as working remotely from home.

With huge increases in the number of people working from home our businesses are even more vulnerable to attempted fraud and the criminals are taking full advantage.

Last week alone Schofield Insurance Brokers have had 4 reports from clients regarding some form of cyber scam. One client had their email address duplicated and the fraudster emailed their customers requesting urgent settlement of an invoice. The email contained new bank details. The fraudster got away with £9,000. 

❓How Is This Likely to Have Happened❓

Scammers hack a companies email account (usually someone in the finance team) and it then sits undetected, monitoring the companies incoming and outgoing emails.  The fraudsters learn the writing style of the person that they plan to impersonate and pick up on things like recent holidays and general chit chat regarding the person’s life in general (they can use this to then validate their emails, such as “did you have a nice holiday to…..), then at the opportune time they will strike. This usually revolves around invoicing, perhaps a Friday or the end of the month. They will then monitor the emails with invoices attached and also review prior months sent invoices (to attempt to chase outstanding debt) and then a few days later will send a new email from a newly set up email account (that is almost exactly like the email address they are impersonating) chasing the payment and attaching a new invoice with amended bank details. Hoping the customer will make payment without any thought.

Cyber Fraud does not just impact on our business clients. The fraudsters target us as individuals as well so Schofield Insurance Brokers would recommend that we are all alert and aware of the dangers.

Most scams being seen to target individuals are phishing emails designed to trick people into clicking on a bogus link. However, other tactics are used too such as smishing and spear phishing

⁉️What is Phishing⁉️

Usually an illegitimate email is sent with the intention to get you to click on a link. This link will then download a virus on to your computer or send you to a website designed to capture your personal data or passwords.

These phishing attacks are becoming more sophisticated and it can be almost impossible to differentiate them from the real thing. It could be an email from your bank or someone you online shop with, a switch in your invoicing account details, a government rebate. They look and feel like the real thing.

The latest phishing scams all seem to involve Covid-19 in some form or another. The City of London police reported a 400% increase a result of Covid-19 related scams and the UK is proving to be the most targeted county. 
Some examples include online shopping scams involving high demand items, such as hand sanitiser and face-masks, fake lockdown fines, HMRC goodwill payments and even an email claiming to be from the World Health Organisation suggesting you download a PDF document with advice on how to stay safe during the outbreak.

⁉️What is Smishing⁉️

SMS equivalent to phishing. The malicious message appears on your phone as a text message often with a disguised phone number to make it look like it has come from a reputable source. It will invite you to click a link. Common smishing messages will look to have come from your bank, itunes or perhaps an online competition.

⁉️What is Spear Phishing ⁉️

Spear Phishing is a more direct form of phishing, this is where the email will target a specific person. Often the sender is shown as a specific person the receiver knows, for example a work colleague, a more senior employee or someone from the company IT or accounts department. The email may also contain other information about the receiver that has been obtained from the internet such as recent holidays or other key events. This is used to make the email seem more genuine.

There are some common signs to watch out for:

  • Authority – If you get an email claiming to be from your bank you should immediately be extra vigilant. Make checks on the authenticity. Contact your bank on your USUAL contact numbers not the one in the email. 
  • Urgency – Be wary of responding to anything that claims you must take action within a time period. Remember to carry out your checks, contact your Bank! If it’s from a utility provider or HMRC - is it expected? If not check!
  • Emotion – If the email makes you feel strongly about something: panic, anger, joy then there is a chance that it is trying to get you to respond before you have the chance to really scrutinise the logic behind the claims. The recent text message scam suggesting you’ve been fined for going outside is, when you’ve had the chance to calm down, clearly ludicrous. But it can make you angry and not think clearly. We are all under a huge amount of stress.

We have got used to using two-step authentication nowadays. This is where we sign in to a website and then a code is sent to your phone to authenticate it is definitely you trying to login.

So, do the same in reverse. When you receive an email or text from a company, call the company and check it’s a genuine request.

What to do if you’ve already clicked

  • If you’re on a work computer then let your IT department know immediately so that they can then fix it, do not try hide the fact you have done it, the quicker they know about it then the quicker they can stop anything further happening.
  • If you’ve given out your bank or other professional account details contact your Bank and let them know, request they put a freeze on your account before the scammer gets the chance to take advantage.
  • If you have had money removed from your bank illegally, this is a crime, so make sure you have alerted your bank but also report it via Action Fraud either online or over the phone on 0300 123 2040
  • Run your antivirus on your computer to see if it can find any malware or viruses
  • If you’ve given away passwords then you must change them immediately. Consider using a secure password generator in the future. If you use the same passwords for various websites change them all. 

Don’t be an easy target!

We’re making criminals lives much easier by regularly giving away our most personal information. This can then be used against us by demonstrating authenticity. In the worst case scenarios we give away enough information for fraudsters to access our accounts without further involvement.

  • Review your privacy settings on social media. Do you have to share everything publicly?
  • Do not take part in the posts inviting you to reveal your date of birth middle names etc. First letter of your middle name, month you were born or favourite colours, films etc. As fun as this might be, you are often providing characters of your passwords or pass phrases without even realising!
  • Check to make sure friend requests are genuine. Some fake profiles are designed to make you ‘Add friend’ when the real person is not even on social media
  • Flag suspicious emails by marking them as spam
  • Keep up-to-date. Make sure your computer is regularly updated and you have up to date antivirus software completing full scans periodically.

Cyber Insurance is now an essential protector for most businesses against many types of loss you may incur. As well as the above scenarios mentioned the increased risk of data leakage from employees home working must be recognised, managed and insured if required. A cyber insurance policy will help you in this area.

Please also see the "Little Book of Cyber Scams 2.0” produced by the Metropolitan Police - link here. This document provides some additional useful information and considerations and in a very interesting read!

If you would like any help with cyber risk and insurance, please contact your usual Schofield Insurance Brokers contact, alternatively please call the general office number on 01132500377.