Gone Phishing

After over a year of the UK government telling people to stay home, there has been an increase in online phishing attacks and other fraudulent online schemes. These attacks are enabled by advances in technology and attackers are praying on the vulnerabilities of working from home and individuals heightened anxiety surrounding Covid-19. Phishing attacks can come in many different forms, generally, they are e-mails or copycat websites impersonating a formal body or organisation where the cybercriminal, through the use of an email attachment or link, distributes a malware or a computer virus to gain access to your systems and sensitive information. 

Throughout the Covid-19 pandemic governments and businesses have been directing citizens and staff to the World Health Organisation (WHO) for credible updates on Covid-19. As a result, cyber criminals are capitalising on these uncertain times and pretending to be WHO by sending fraudulent e-mails or text messages. WHO have published a warning for citizens to 'beware of criminals pretending to be WHO' trying to steal money or sensitive information. In addition, a vaccination scam has arisen which sends phishing text messages telling the recipient they are eligible to receive a vaccine with a link to a fake NHS page which requests personal information including credit card details.

Over the last year, businesses have reported an increase in phishing attacks of 14% according to the Department for Digital, Culture, Media & Sport's recently released Cyber Security Breaches Survey 2020. While phishing has increased, organisations ability to recover from any security breach has also increased with organisations implementing awareness campaigns across workforces and an uptake in board engagement with cyber security has lead to increased action to identify and manage cyber risks.

The UK government has recognised the impact of online scams and in a Westminster Hall debate on 28 April 2021, I was noted that fraud accounted for a third of all estimated crime in the year ending September 2020. In order to tackle online scams the UK government has announced the draft Online Safety Bill which has been widened in scope to include user-generated fraud. This increased regulation is a welcome step towards minimising and tackling online fraud.

These improvements in organisational resilience to cyber attacks will be put to the test as cyber crime continues to increase. With many working from home, employees may become less vigilant to the threat of cyber attacks while becoming increasingly bombarded with false phishing texts, e-mails or other communications. Don't let the phisherman catch you or your employees, stay alert.

If you suspect that a fraud has been committed the incident should be reported to Action Fraud.