Member Article

Hackers take advantage of Covid-19 with new HMRC phishing email attack

Cyber criminals are exploiting the government’s Coronavirus Job Retention Scheme with a highly sophisticated scam email, purporting to be from HMRC.

The email asks for the bank account details of the recipient and includes the following message with typos. “Dear customer, We wrote to you last week to help you prepare to make a claim through the Coronavirus Job Retention Scheme. We are now writing to tell you how to access the Covid-19 relief. You will need to tell your us which UK bank account you want the grant to be paid into, in order to ensure funds are paid as quickly as possible to you.”

The email, revealed today by the Lanop Accountancy Group, is targeting business owners using official HMRC branding and purports to be from “Jim Harra, First Permanent Secretary and Chief Executive of HMRC”. Around 50 business owners have so far reported receiving the suspicious emails to Lanop after noticing the email was sent via the address no-reply@ncryptedprojects.com, despite its user title being ‘HM Revenue & Customs’.

Recent research from cyber security company Barracuda Networks has suggested that Coronavirus-related phishing emails have risen by 667 per cent since the start of March. The scams included fraudulent communication purporting to be from the World Health Organisation (WHO) and the NHS and private health suppliers selling facemasks and other personal protection equipment (PPE).

Cyber security expert Chris Ross, SVP, Barracuda Networks comments:

“We’re seeing a sharp rise in phishing emails relating to the Covid-19 outbreak and this example underlines how hackers will prey upon vulnerable business owners who are trying to protect jobs.

As always with these scams, the victim is encouraged to disclose personal data and financial information under the false assumption that the email is legitimate. It is absolutely vital that businesses have the cyber security systems in place to identify and quarantine phishing emails and ensure that every employee is properly trained to spot suspicious communication and think twice before giving out personal information.“

Andy Harcup, VP EMEA Sales for Absolute, comments:

“The influx of remote workers has inevitably contributed to the increasingly sophisticated phishing attempts, which we have seen grow in frequency since the Covid-19 outbreak.

“What’s more, organisations still in operation during this pandemic have invested, purchased and borrowed thousands of new devices to manage the shift to remote working. Often, these new devices are not supported by company IT infrastructure or cyber security software. Thus cyber breaches are not only increasing in sophistication and quantity, but they’re also becoming more successful, as employees no longer have the cyber security software or infrastructure in place to flag or block suspected spam, malware of phishing attempts.

“Business owners must introduce these measures as a matter of priority – Covid-19 has been enough for us to worry about without the threat of a breach of personal, professional or client information looming over us.”

Tim Sadler, CEO for Tessian comments:

“Business owners must be increasingly vigilant during this difficult time, because opportunistic cybercriminals do not miss a trick when it comes to capitalising off the general public’s honesty, naivety or fear.

“Over the last month, we’ve seen a wave of phishing attacks targeting individuals and businesses, purporting to be from charities or insurance companies, in order to take advantage of the Covid-19 crisis. This is yet another way criminals aim to profit off the pandemic; scammers will rely on the fact that individuals are not likely to ignore an email from an authority like HM Revenue and Customs.

“Remote workers and business owners, therefore, must proactively consider the legitimacy of any email sent through to them which asks for personal information, admin credentials, or financial details. Always check the display name and email address match up and hover over URLs to make sure they are legitimate before complying with any urgent requests. Companies, too, need to ensure their people are protected when working remotely. Comprehensive email security software, alongside regular security training sessions and reminders, will ensure all are kept up to date on the current cyber threat-scape, and how to spot a potentially malicious email.”

This was posted in Bdaily's Members' News section by Nick Till .