media captionWATCH: Police raid the home of a vaccine-text fraudster
More than 6,000 cases of Covid-related fraud and cyber-crime have been recorded by the UK’s police forces during the pandemic.
The Action Fraud team said £34.5m had been stolen since 1 March 2020.
It covers activity in England, Wales and Northern Ireland, but not Scotland.
In a related development, the National Cyber Security Centre has told the
BBC it is tackling about 30 “significant attacks” a month against the
country’s pandemic response infrastructure.
These involves attempts to breach the NHS, vaccine producers and vaccine supply chains, among other organisations.
“There unfortunately have been a number of successful ransomware incidents against businesses – I can think of roughly around 10,” NCSC operations
director Paul Chichester said.
Other figures disclosed by City of London Police, which co-ordinates efforts to combat fraud, include:
more than 150 related arrests were made since the pandemic began
more than 2,000 websites, phone numbers and email addresses linked to the crimes were taken down
there was a total of 416,000 reports of fraud and cyber-crime
The activity peaked between April and May 2020, and January 2021 – both times when lockdowns were in force.
The Dedicated Card and Payment Crime Unit, which tackles criminal gangs
responsible for financial fraud and scams, worked with social media
platforms to take down over 700 accounts linked to fraudulent activity
in 2020, of which over 250 were money mule recruiters.
But this may be the tip of the iceberg.
The National Crime Agency estimates that just one in five fraud cases are typically reported to the police.
And the volunteer-run Cyber Helpline told the BBC only a quarter of those
who had contacted it after a cyber-attack said they had also reported
the incident to the police.
Bank loan scam
Many of the scams involved conning people out of their money and financial details by focusing on internet shopping.
Related fraud was 42% higher over the pandemic than the preceding year, as
criminals took advantage of the fact many physical stores had been forced to close.
Anna – not her real name – from Cheltenham was one of thousands of people who received an SMS message asking her to go online and rearrange a parcel delivery.
She filled in her details, but later suspected something was wrong. She alerted her bank and cancelled her bank card.
“I thought, now I have nothing to worry about, everything is fine and case closed,” she told the BBC.
But the criminals used the details they had already obtained to authorise her bank to credit her account with a £9,000 loan.
And a short while later they called her, pretending to be the bank.
Not realising the scam, Anna told them she had not taken out a loan.
“They gave me the sort code and bank account number I needed to pay back the loan, and said if I paid the £9,000 there wouldn’t be any charges.
“But then I was still feeling suspicious, so I Googled the sort code, and it came up with a completely different bank.”
So, Anna called her bank directly and realised the scammers had returned.
“I didn’t lose any money but it did feel like a real burglary to be honest,” she said.
She closed her account, and changed her email address and mobile number. But she still does not feel safe.
Charities are also common targets.
One in three charities suffered a cyber-attack during the first 10 months
of the pandemic, according to Ecclesiastical Insurance.
One victim actually specialises in offering cyber-security advice to others.
Hackers got inside Charity Digital’s network for seven days without being
detected. They compromised its email accounts and sent false invoices to
The organisation’s chief executive, Jonathan Chevallier, told the BBC the
breach had not been noticed in part because all his staff had been
working from home.
Charity Digital spent more than £10,000 investigating the attack and has
produced an online webinar to help others avoid a similar fate.
Fake tech support
Another popular type of cyber-fraud involved romance scams, in which people looking for relationships via the net often get fooled into sending
money to prospective partners, who prey on their emotions.
This type of crime was 20% more common over the past year than the one before.
In one case, a man was arrested on suspicion of using social media to advertise bogus car insurance policies to NHS workers.
The pandemic appears, however, to have coincided with a fall in one type of cyber-crime.
Reported cases of computer software service fraud – in which criminals call
offering fake tech support to fool victims into sharing their payment card details and other credentials – dropped by 15.5%.