Avoiding Scams during COVID-19
Scammers taking advantage during COVID-19 (Coronavirus)
Residents are warned to be on their guard against scammers who are trying to take advantage of the COVID-19 (Coronavirus) pandemic.
We have received information that scammers are using the situation to extort money or gain access to people’s homes.
These scams include:
- door-to-door fraudsters impersonating NHS staff and offering help with shopping in return for payment, or seeking donations to fund a vaccine
- individuals offering to go shopping for the elderly as a means to get and keep their money
- criminals calling at homes and selling people bogus tests to see if they're infected with the disease
Fraudsters are also sending out Coronavirus-themed phishing emails in an attempt to trick people into opening malicious attachments, or revealing sensitive personal and financial details.
- a text message claiming to be from Gov.UK stating “Enter Your Post Code to Apply for COVID-19 Relieve” (sic).
- a so-called urgent text to say the UK Government has issued a payment to all residents as part of its promise to battle COVID-19 - with a scam link to click.
- emails from scammers claiming to be from research organisations affiliated with the Centres for Disease Control and Prevention (CDC) and the World Health Organisations (WHO), offering people a list of Coronavirus infected people in their area via a link leading to a bogus website, or requesting payment in Bitcoin.
Residents are urged not to click on the links or attachments in suspicious emails and never respond to unsolicited messages and calls that ask for your personal or financial details.
If you’re making a purchase from a company, or a person you don’t know and trust, carry out some research first and ask a friend or family member for advice before completing the purchase. If you decide to go ahead with the purchase, use a credit card if you have one, as most major credit card providers insure online purchases.
Do not let strangers into your home, particularly at this time of self-isolation and social distancing. The Council is supporting Volunteer Centre Sutton, Age UK and Community Action Sutton to coordinate volunteer work. Those wanting to volunteer - and Sutton residents needing support - should visit Volunteer Centre Sutton’s website.
Residents can also find out more information on the Friends Against Scams website.
Sextortion email scams
We have been informed that there have been an increasing amount of “Sextortion phishing” emails being received lately.
Sextortion email scams - are a type of phishing attack where people are coerced to pay a Bitcoin ransom because they have been threatened with a video of themselves visiting adult websites being shared to the public. These scams are made to appear credible because they provide seemingly technical details about how the video was stored, and the phish can sometimes also include the individual’s password.
What is phishing?
Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords or credit card details by disguising themselves as a trustworthy source through electronic communication such as text messages or emails.
What should I do?
These phish emails are designed to play on people’s emotions so that the individual behaves out of character.
- Like with other phish emails, the advice is to not engage with the phisher (sender) and avoid clicking on the links or attachments. Instead delete the email and report the person to Action Fraud.
- Do not pay the BitCoin ransom. Doing so will likely encourage more scams as the phisher will know that they have a ‘willing’ customer and there are more potential victims.
- Do not worry if the phish includes sensitive information such as your password; it is likely that your password had been obtained from previous breaches of data. You can check if your account has been compromised and receive future notifications.
- If the phish does include a password you still use then change it immediately.
If you have unfortunately fallen victim to a sextortion scam and have paid the BitCoin ransom, then report it to your local police force by calling 101.
If you need emotional support this is available from charities such as Victim Support by calling 0808 168 9111 or visiting: https://www.victimsupport.org.uk/
Test and Trace scam - How to stay safe
We are aware that a number of scam texts and emails that are in circulation, where the sender claims to work for the NHS Test and Trace service.
It’s important to remember that NHS Test and Trace will never ask you for financial details, PINs or passwords. They will also never visit your home.
Contact tracers will never:
Ask you to dial a premium rate number to speak to them (numbers starting 09 or 087).
Ask you to make any form of payment.
Ask for any details about your bank account.
Ask for your social media identities or login details, or those of your contacts.
Ask you for any passwords or PINs, or ask you to set up any passwords or PINs over the phone.
Ask you to purchase a product.
Ask you to download any software to your device or ask you to hand over control of your PC, smartphone or tablet.
Ask you to access any website that does not belong to the Government or NHS.
Whilst it is possible for criminals to fake official phone numbers, they cannot fake official website addresses. We encourage anyone with concerns about a phone call, text message or email they have received, in relation to Test and Trace, to check the website address being provided to you carefully.
If possible, type the official address, which will be: https://contact-tracing.phe.gov.uk followed by any unique characters given to you, directly into your browser.
If you think you have been sent a scam message, please report it to Action Fraud on 0300 123 2040 or via https://www.actionfraud.police.uk/