Special Feature
Part of a ZDNet Special Feature: Coronavirus: Business and technology in a pandemic

Coronavirus scams: This is how much people have lost to online fraudsters so far

Action Fraud details the latest figures - and warns people to be mindful of fraudsters and scammers.

Online fraudsters find new narrative in virus crisis
0:48

Over £2 million has been lost to coronavirus-themed scams, phishing emails and other fraud in the UK alone as cyber criminals look to exploit the COVID-19 pandemic for their own gain.

Newly released figures from Action Fraud, the UK's reporting centre for fraud and cybercrime, put the total combined cost of 862 known scams at £2,120,870 as of Friday 17 April.

In total, Action Fraud has received over 3,600 reports of coronavirus-related phishing emails. The purpose of these attacks is to trick the user into handing over personal information, bank details or to install malware by convincing people to open and respond to important-looking emails.

Meanwhile the US Federal Trade Commission recently said that Americans have lost over $12 million to Coronavirus scams since January – with consumers reporting almost 16,800 incidents so far this year.

SEE: Cybersecurity: Let's get tactical (ZDNet/TechRepublic special feature) | Download the free PDF version (TechRepublic)

With coronavirus a global issue right now, attackers have increasingly taken to using it as a lure, sending bogus messages claiming to be from sources including the World Health Organisation, governments, police forces, logistics companies, delivery services and more, which all purport to include important information about pandemic.

For example, just this week, Action Fraud detailed a phishing scam purporting to be from the supermarket Tesco and offering free vouchers during the COVID-19 outbreak. But the link in the email to 'register' goes to a phishing website designed to steal login credentials as well as personal and financial information.

Cyber criminals are also attempting to exploit fears over the coronavirus outbreak with phoney online stores that claim to be selling personal protective equipment (PPE) – those who fall victim to this particular scam could find that they enter their payment and personal information, only to find they've given it directly to cyber fraudsters.

"Fraudsters will use any opportunity they can to take money from innocent people. This includes exploiting tragedies and global emergencies," Superintendent Sanjay Andersen, head of the National Fraud Intelligence Bureau, told ZDNet.

"The majority of scams we are seeing relate to the online sale of protective items, and items that are in short supply across the country, due to the COVID-19 outbreak. We're advising people not to panic and to think about the purchase they are making. When you're online shopping it's important to do your research and look at reviews of the site you are buying from."

SEE: Coronavirus-themed phishing attacks and hacking campaigns are on the rise

Action Fraud has also reminded people that neither the police or the government will ask you to transfer them money – and especially not using bitcoin or another cryptocurrency. Internet users are also warned to be suspicious of any links or attachments in unexpected messages – especially those that purport a potentially false sense of urgency.

There's been a sharp rise in coronavirus-related cyberattacks over the past few months as cyber criminals look to exploit the global situation to their advantage – especially as employees have needed to shift towards remote working.

However, while there has been a large increase in attackers attempting to take advantage of coronavirus, Action Fraud notes that the coronavirus-related fraud still accounts for under 5% of all fraud.

MORE ON CYBERSECURITY