RSA Head of Fraud Adele Sumner on the latest Covid-19 scams to avoid

Authored by RSA's Head of Counter Fraud and Financial Crime Adele Sumner

The COVID-19 pandemic has meant many of us have had to adapt our lifestyles. An unfortunate consequence of this is that it has opened up new avenues for fraudsters to execute scams.

The UK Government Counter Fraud Function advises "the fraud threat posed during emergency situations is higher than at other times" and the police have reported an increase in coronavirus related scams. Figures from Action Fraud in May estimate that fraudsters have already made in excess of £4.6m using virus related scams. 

Here are a few types of scams our Counter Fraud Unit have spotted more often since the outbreak of the pandemic earlier this year.

The "Man in the Middle" payment fraud scams

This type of fraud occurs where a fraudster secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other. This technique was already prevalent prior to coronavirus but is now on the rise as people predominantly use email to communicate. 

The fraudster aims to intercept customer emails containing bank details and change the sort code and account numbers in an attempt to redirect funds to their own account. To counter this we have made sure staff always look out for subtle differences in email addresses made by fraudsters to prevent this type of attack.

"Sneaking in" on Video calling apps

You wouldn't allow strangers to stand in on meetings in an office, and virtually the same should apply. Since lockdown the use of video conferencing tools has increased greatly and subsequently provided fraudsters with another way to acquire information not intended for them. When taking part in video conferences it is advised to take extra care who is in attendance and only use conferencing tools with passwords or approved by your organisation’s IT department.

Application Fraud

Fraudsters are chasing money and to achieve that aim they often need a contract with an organisation. Fraudsters will provide false details such as fake names, addresses, bank details etc. in their attempts to circumvent our fraud technology controls.  If we let fraudsters obtain a policy, they can then go on to make fraudulent claims.  We are constantly upgrading the tools we use and our ability to detect fraud but as fraudsters develop new scams, we are always evolving in order to prevent them.

Fraudulent claims

We've seen cases of policyholders attempting to claim for missing Rolex watches whilst "out doing their daily exercise" and the huge surge in online shopping generally has made it easier for fraudsters to doctor e-receipts.

Fake SMS and emails

This pre-Covid scam is also on the rise.  Fraudsters pose as well-known companies or organisations (eBay, Amazon, HMRC etc.) to trick you into sharing your bank or payment details.  Remember, if it looks suspicious or sounds too good to be true, it probably is.

Increased homeworking risks

Fraudsters are taking advantage of us working in a non-office environment where we may feel more relaxed and less vigilant.  In order to protect yourself from risks, people are advised to continue to act as you would in the office when it comes to security: lock your laptop when it's unattended, keep your personal phone away from it to ensure secure information is not accidentally shared and do not send data to your own personal email address. 

How do I protect myself from fraud risks?

As a business we do what we can to combat fraud and prevent harm to our customers. These include:

• working closely with other insurers to discuss emerging COVID related fraud risks and threats
• regular contact and interaction with law enforcement and industry bodies including the City of London Police Insurance Fraud Enforcement department, the Insurance Fraud Bureau, the ABI and General Insurance Fraud Committee
• continuous investment in market leading fraud detection technology and use of sophisticated models to identify fraudsters
• ongoing training and communication with colleagues. Sharing knowledge of fraud risks to help us detect fraudulent attempts quicker

While we do what we can, there are three simple steps we recommend everyone should follow:

• Stop: Take a moment to stop and think before parting with your own money or information. Avoid "man in the middle attacks" by taking extra care to ensure you are paying the correct customer and follow up with a phone call to ensure funds have reached their intended destination.
• Challenge: Consider the possibility of the information or request you're being presented with is fake. It's ok to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.

Protect: Contact your bank immediately if you think you or a member of your family have fallen for a scam and