BCL partner Michael Drury discusses the risks to cyber security and individual’s private information during the Covid-19 pandemic.
It is a notable feature of public crises that crime often follows. Most interestingly in the United States on 16 March, the US Department of Justice has issued guidance to US Attorneys across the nation to prioritise prosecution action against financial scams which seem to rely on the potential victim’s fear induced by the ongoing coronavirus problems.
It seems inevitable that similar attempts will be made within the UK and indeed many will already have received communications by ‘phone or by other means requiring the provision of personal financial information in order to maintain current services, for one’s phone, electricity, and other utilities or personal needs. Such scams are already being reported: see https://www.bbc.co.uk/news/uk-51964507
As with the situation before coronavirus, the simple message is that one should be scrupulous and rigorous in cyber security. Think carefully before acting.
What does that mean?:
- Being suspicious and cautious, especially if the message is unexpected.
- Asking, ‘why I have received the communication?”
- Asking, ‘is the communication requiring me to give over financial information (even if to an institution with whom I have a relationship) ?’
- If so, considering the source of the request – the email address of the sender of the message and or the phone number – and asking “does it look right?”
- Ignoring obvious scams – it is unlikely that HMRC will be offering you a tax refund in the present circumstances in respect of tax already paid.
- Calling the institution back but only on a number or using an email address obtained from public information and not using any contact details in the call or message. And preferably by using a different phone/device.
More generally, the position remains in relation to unique one-time offers is that “if it appears too good to be true, it is not true”.
The UK response:
Already the subject of criticism very widely as to the lack of effectiveness and real resources to combat fraud amongst a myriad of other competing demands, the first
response of law enforcement in the UK would appear to use the ‘Action Fraud’ hotline/internet portal.
As at the date of writing and unsurprisingly but worryingly, the website indicates that those responsible under the ‘actionfraud’ banner are themselves affected by the coronavirus which will lead to a falling in response capability.
Reflecting the position more generally, the UK does not seem to have the same capability or drive to combat/punish fraud as evidenced in the recent Department of Justice direction in the US.
The message therefore remains that prevention is far better than cure when it comes to being a (potential) victim of fraud here.
As perhaps with many other elements of the present coronavirus situation, self-disciplineand self-help seem to be the means by which disaster can be averted.