UK banks are stepping up fraud prevention measures to protect customers from scammers eager to exploit the coronavirus pandemic with a whole range of new tricks, including fake sales of medical supplies and bogus government relief schemes.
With British households effectively on lockdown, some banks said customers had already been caught out by fraudsters posing as banks, government and even health service providers to persuade victims to hand over passwords or other sensitive data.
Fraud is also on the rise in the United States, where regulators have warned about investment and data theft scams.
In the UK, Barclays, HSBC, Lloyds Banking Group and Royal Bank of Scotland have launched social media campaigns to flag ploys. Metro Bank said its fraud team was still operating a 24-hour, seven-day service to help affected customers.
The banks said scammers were using a range of methods to prey on people.
Common “phishing” emails, authorised bank transfers and schemes involving fake buying or selling of goods or services are on the rise, alongside more sophisticated “payment diversion” frauds, designed to coax businesses to part with large sums of cash.
One such example flagged to Reuters called on business owners to make a 25,000 pounds payment to a fake government support initiative called “The Central Employers Scheme” set up to cover sick pay during the outbreak.
A UK banking source said another victim made a significant payment to a “COVOID Bond”, also fraudulently linked to the UK government.
The banks said such typographical errors were often made deliberately by scammers to lend authenticity to the request, particularly if the sender was posing as a chief executive or colleague demanding the recipient took quick action.
The UK banking source said another customer was persuaded via email to send a cross-border payment to a scam account after fraudsters said the legitimate account had been “frozen by the Greek Government.”
“This virus won’t stop bad actors and fraudsters, if anything, it will encourage them. I am much more nervous about this today than ever,” Richard Meddings, chairman of retail bank TSB, told Reuters.
“People will be at home, receiving phone calls and texts from people who claim to be their banks, asking them about cancelled events and travel plans and offering refunds. Fraud can only go up under these kinds of circumstances,” he said.
Figures published earlier this month by trade body UK Finance showed around a quarter of the 456 million pounds ($535.2 million) of authorised bank transfer fraud was returned to victims across the industry last year.
TSB, the only UK bank to offer a Fraud Refund Guarantee, has returned 99% of losses to its customers since April.
In the United States, the U.S. Federal Deposit Insurance Corporation, the regulator which insures customer deposits, last week said fraudsters were exploiting popular anxiety and confusion to steal personal data, such as birthdays and Social Security numbers, through texts and social media.
Many U.S. banks have cut branch hours or are pushing customers to use online banking to mitigate the spread of the coronavirus. That has created opportunities for scammers who, impersonating FDIC officials, have urged depositors to hand over their data, saying their current lender is about to collapse.
“During these unprecedented times consumers may receive false information regarding the security of their deposits or their ability to access cash,” the FDIC said.
British banks said they are working hard to get the word out.
“We have increased our warning messages across all of our communication channels and as the situation evolves we continue to review and update these warnings,” an RBS spokeswoman said.
“We also ask that customers spread the word amongst family and friends, especially the more vulnerable in our society.”
A tweet from Lloyds warning customers of the dangers had over 1 million views by Sunday evening, in a sign of the level of public concern.
Action Fraud, the national fraud and cyber crime reporting centre, said the majority of reports it had received in recent days related to online shopping scams where people have ordered protective face masks and hand sanitiser which have never arrived.
“The advice is simple, think very carefully before you hand over your money, and don’t give out your personal details unless you are sure who you are dealing with,” said Graeme Biggar, director general of the National Economic Crime Centre said.
In the United States, lenders including United Bank, Citizens Bank, and Fifth Third Bank are alerting customers to fraud-related schemes and encouraging them to protect their personal information.
Northwest Bank is also providing customers with information and tools to help spot tactics aimed at obtaining customer financial information.
Some European banks are also concerned their workforces could fall foul of fraudsters.
A staff memo sent by Italy’s UniCredit <CRDI.MI> earlier this week warned of “ongoing campaigns” against the bank’s IT security and urged staff to be extra vigilant of incoming email, SMS and WhatsApp messages that referred to coronavirus.
“Customer data safety and security is UniCredit’s top priority. As always, we continue to take and apply all the necessary measures to protect our customers and systems,” the bank said.
Source: Reuters 24 March, London
Reporting: Lawrence White & Sinead Cruise