Back to News


Coronavirus Scams: What to look out for and what to do

While most of us are trying to do our bit to support our communities as best we can, there are few unscrupulous individuals trying to capitalise on the coronavirus pandemic – especially online.

In fact, according to recent media reports, rates of cyber crime are increasing during the lockdown because it can be a lucrative way to make money. Many of us are distracted and anxious because of the current situation, causing us to make hurried decisions, clicking on suspicious links, allowing criminals to access our computers, IT systems and bank accounts.

Thankfully, there are steps you can take to protect yourself, many of which we’ve compiled in this article.

What do I need to look for?

Does it sound too good to be true?

Does the message claim to have a cure for coronavirus? Access to tests? Or protective equipment? It’s unlikely to be true. Criminals may be attempting to play on your fears to offer a solution for a high price.


Phishing occurs when a criminal tries to get you to click a link or download an infected file in order to take control of your IT systems.

Phishing scams can be difficult to spot because they often impersonate someone you trust, such as a friend, family member or colleague. Always ask yourself if the message looks and sounds like the person it’s supposed to be from. If a contact’s device has been hacked, a message may have been sent from their email address without their knowledge.

Check that the message is addressed to you and you haven’t been blind copied (BCC) in. This is a sign that the message has been sent to multiple people at once, so it may be trying to scam lots of people at once.

You may also have been contacted by an organisation out of the blue. There have been cases of emails and texts claiming to be from local hospitals, saying that family or friends have tested positive for coronavirus and that they should download an attachment to find out more. The attachment contains a virus that attacks the recipient’s computer. In fact, there have been reports of criminals impersonating organisations such as the World Health Organisation in order to get people to click links that lead to viruses.

Even though the ‘From’ name might appear to be that organisation – and the content may look professional – take a look at the address it was sent from. Often it won’t be from the organisation at all, or the email address might be misspelt. For instance,, which might not be obvious at first glance.

Want to know more about Phishing and how to spot it? Visit the National Cyber Security Centre.

Is the good cause all it seems to be?

Taking advantage of goodwill is another tactic on the rise. If you’re making donations or financial contributions to good causes, be sure the channels you’re using are legitimate. If you’re unsure, contact the charities or organisations using the details listed on their official websites.

Do they ask for an upfront fee?

Be cautious of anyone asking for money before receiving services, especially in relation to your finances. For instance, if they promise to help with debt, insurance, investments or cash flow don’t pay a fee in advance.

Do they say your bank is in trouble?

Recent documentation issued by the FCA in April highlights several cases of individuals being told that their banks are in financial difficulty due to coronavirus, before being asked to transfer their accounts to a different bank with different details.

If your bank is experiencing difficulties, they will contact you directly and never ask for your details over the phone or by email.

How to Protect Yourself Against Scams

Keep Remote Workers Safe

If your teams are working from home, make sure they have up-to-date antivirus and firewalls alongside Virtual Private Networks (VPNs), which protect business systems from malware. You should also encourage the use of strong passwords, using combinations of numbers, letters and special characters. The National Centre for Cyber Security has more advice if your teams are working from home.

Read more: Tips and Links for Businesses Working Remotely.

Keep Personal Data Private

Don’t give out personal details (including addresses, passwords and bank details) to anyone you don’t know, so they can’t impersonate you or access your bank accounts.

Don’t Feel Pressured

If you need time to think about an offer, ask for it. A reputable company wouldn’t put you on the spot, or use fear, to force you to buy a product or service. Ask for an hour to think and do further research if necessary.

Don’t Open Anything Suspicious

While it might sound obvious, you might be tempted to open a file sent by a colleague, even though the file name looks suspicious. Give them a call to check to make sure they meant to send it to you.

The same applies to online advertising. If your favourite brand has an advert that isn’t in keeping with their normal style, give it a wide berth; type their web address into your browser if you want to visit the site.

Do Your Homework

Use the FCA Register to make sure companies are legitimate. Any business operating in the financial services sector in the UK must be registered with the FCA. Whether they’re providing insurance, investment services or loans, they should be on the list.

Visit the FCA Scam Warning List.

Beware of Clone Companies

Some criminal organisations may impersonate reputable businesses and therefore appear to be on the FCA Register. If a company is listed but you’re still unsure if the message is legitimate, contact them for confirmation, using the contact details on their official website.

Consider Cyber Liability Insurance

Cyber Insurance may be a valuable addition to your business. It provides valuable support in the event that your business suffers a cyber attack, phishing scam or ransomware, helping your business get back on its feet as soon as possible.

If you suspect you have been a victim of cyber crime, visit Action Fraud to report the incident to the police.

Related Articles