HMRC removes nearly 300 Covid-19 phishing scam sites

Internet Service Providers have been forced to remove 292 scam web addresses exploiting the Coronavirus outbreak since March 23, according to official figures.

The data, obtained under the Freedom of Information Act by Griffin Law, revealed that, of the 292 sites removed, 237 were proactively identified and requested for removal by HMRC independently, with the remaining 55 flagged by members of the public.

HMRC also disclosed that it had identified a total of 62 active phishing scams related to Covid-19 since March, with the majority in the form of text message scams. per cent

The news comes as a new study from Barracuda Networks revealed that 51 of global businesses had seen a rise in phishing email attacks, with 49 per cent saying they expect to see a data breach or security incident in the next month.

Barracuda Networks’ CTO, Fleming Shi warned that opportunistic hackers were “on the lookout to target vulnerable organizations, which may have weak security infrastructure in place during this difficult time.

Andy Harcup, VP, Absolute Software said, “With millions of people working remotely during the lockdown, hackers are creating increasingly sophisticated email and text message scams designed to trick individuals into handing over confidential data.

It’s vital that during this difficult time companies and workers remain vigilant

“We’ve already seen a huge rise in phishing attacks purporting to be from key government initiatives such as the Coronavirus Job Retention Scheme, asking for bank account details and other personal information.

“It’s vital that during this difficult time companies and workers remain vigilant; checking the legitimacy of all emails and ensure that they have the necessary security systems in place to identify these threats and prevent cyber criminals from exploiting vulnerable people during the Covid-19 outbreak.”

Tim Sadler, CEO, Tessian added: “During the Covid-19 outbreak, we’ve seen opportunistic hackers continually taking advantage of the fact that people will be searching for more information and guidance on how to adjust to the new normal, in attempts to make their phishing scams all the more effective. 

It’s vital that companies and employees are made fully aware of these threats

“All too often these email scams are incredibly realistic, purporting to be from trusted organisations or authorities like HMRC, to convince people into complying with requests – whether that’s handing over personal bank account details, phone numbers and passwords. 

“It’s vital that companies and employees are made fully aware of these threats, particularly at a time with high levels of remote working, with many people in isolation and at a much greater risk of being defrauded.

“Key tips to stop scammers include, being careful to share any personal information online as well as being wary of unsolicited emails asking for urgent information. It’s also critical to avoid sharing financial details or personal information with unfamiliar websites. And if you’re still not sure, call HMRC directly to verify the legitimacy of their message.”