COVID-19 Protect yourself from fraud

Criminals use exceptional circumstances like the current COVID-19 situation as a chance to pose as employees of a genuine organisation, such as building society / bank staff and police officers and target you for fraud scams.

Criminals pretend to be from your building society, bank or the police and claim they are dealing with coronavirus-related issues that require you to respond by paying money or providing personal information that will allow them to access your account.

They often use pressure tactics to stop you thinking about want they want you do for them.

To be clear, Penrith Building Society will never:

• Ask you to disclose your PIN number or other passwords for your accounts
• Encourage you to move funds from your own account into a different “safe” account
• Encourage you to order and pay for UK cash via the phone or internet.
• Charge up-front fees for repayment holidays
• Make home visits to collect mortgage arrears on your doorstep
• Demand an immediate payment of mortgage arrears over the phone
• Demand payment of mortgage arrears via email providing you with a link through which to make payments.

Individuals who approach you saying that they are building society employees and who pressurise you in the ways outlined above are criminals.

Stop – Take a moment to think.

Challenge – Don’t be afraid to ask questions or to say “No” and end the conversation.

Protect – Contact the building society or the bank from which you have made a payment immediately if you think that you have been the victim of fraud.

Phishing scams

Phishing scams have become ubiquitous through email communication and commerce. Cyber criminals are exploiting the Coronavirus through the wide distribution of mass emails posing as legitimate organizations such as the Center for Disease Control (CDC) or World Health Organization (WHO). In one particular instance, victims have received an email purporting to be from the WHO with an attachment supposedly containing pertinent information regarding the Coronavirus. This leads to either unsuspecting victims opening the attachment causing various types of malware to infect their system, or prompting the victim to enter their email login credentials to access the information resulting in harvested login credentials. These incidents enable further instances of cyber-enabled financial crime such as Business Email Compromise (BEC), PII theft, ransomware, account takeovers, etc. Another side effect of the Coronavirus is increased teleworking, which furthers the reliance on email for communication adding yet another multiplier to these email fraud schemes. More of these incidents are expected, and increased vigilance regarding email communication is highly encouraged.

Social engineering scams

Another emerging fraud scheme exploiting the Coronavirus is using social engineering tactics through legitimate social media websites seeking donations for charitable causes related to the virus. Criminals are exploiting the charitable spirit of individuals, seeking donations to fraudulent causes surrounding the Coronavirus. Increased caution should be exercised when donating to causes tied to Coronavirus relief.

Non-delivery scams

A third fraud scheme surrounds non-delivery scams. Essentially, criminal actors are advertising in-demand medical supplies for sale to be used to prevent/protect against the Coronavirus, i.e. medical masks, gloves, disinfectant, etc. The criminal enterprise will demand upfront payments or initial deposits, then abscond with the funds and never complete delivery of the ordered product. Increased caution and vigilance while purchasing these supplies should be exercised