COVID-19, Fraud and you

15 April 2020


Jon Holden
Jon Holden
Man sits in very dark room, lit only by dull computer monitors. He is wearing headphones and working across 3 different monitors. He appears to be coding

Unfortunately, fraudsters are exploiting this awful situation for financial gain. But together we can work to combat their crimes. Our Head of Information Security, Jon Holden, explains how you can protect yourself from security breaches or malicious attacks and scams.

1. Beware of COVID-19 scams

Be wary of fraudsters attempting to scam you by mentioning recent events. For example, “your health insurance provider wants to make a payment to you because you’ve been affected by COVID-19” or, “we’d like to issue you a refund as your holiday was cancelled because of COVID-19”.

Fraudsters scour social media to find out info about their victims. So, be careful how much information you post online about yourself and your family – this can make their research a lot easier! If you’ve cancelled your holiday plans because of COVID-19 and you put it on social media, remember fraudsters could see that info too.

2. Watch what you’re spending on during this unprecedented time

If something is too good to be true, then it probably is! Don’t be tempted to make purchases or grab a bargain, when otherwise you wouldn’t.

Be aware of making ‘emotional purchases’ during difficult circumstances, for example face masks, gloves, COVID-19 testing kits, even donating to charity. Check that the seller, and the payment method, is legitimate.

3. Check your phone’s fingerprint access settings

Unfortunately, financial fraud can be carried out by someone we know. It can happen at any time, with fraudsters coming in all shapes and sizes. If someone has access to your phone, then it’s likely they can access any data stored on your phone and be highly exploitative.

Keeping close guard of who has access to your phone is wise, and ensure you pay close attention to anyone who has fingerprint login access. At Atom, we use sophisticated biometrics that doesn’t rely on your device’s security and uses your voice, face and eyes to recognise you, so you are very unlikely to be compromised, but giving anyone access to your phone or data can put you at a heightened risk of fraud no matter how good the security.

4. Don’t use common passwords

It might seem obvious, but many people still use simple and straightforward passwords that are easily guessed by fraudsters. Hackers usually work through lists of common passwords searching for the right combination, and once they’ve guessed your log in details for one account, they could use your credentials to access multiple websites.

If it’s possible, use a banking app that uses biometrics to log in. They are far more sophisticated and the most secure way of accessing your finances. This might not be possible for everyone so if you do use passwords, make sure they don’t include names or key dates like your birthday as this could put you at risk. Make it hard to guess by using upper and lower case letters, special characters and numbers, but not so hard that you won’t remember and have to write it down.

5. Stay away from public networks

They might be convenient, but accessing your finances on a public WiFi network, such as in a cafe or a hotel, can be very risky. The clue is in the name, they’re public. This means there are no guarantees that your connection is encrypted, putting you at risk. Some fraudsters even create their own public networks using the name of well-known shops or banks, giving them access to anything travelling through the network that is unencrypted.

The majority of online banking sites and apps are heavily encrypted and will automatically log you out after a short while, but I would always advise avoiding public networks where possible. Always use a trusted network or your cellular data as these are safer, and always use your mobile app where possible.

6. Stop saving cards to online browsers

There are loads of browsers available these days, but some are more secure than others. The majority regularly update to ensure they’re not at risk of hacking or malware from fraudsters, but if yours doesn’t update, then it can leave you vulnerable to an attack.

For this reason I would never advise anyone to save their card details onto their internet browser. Although it may be convenient, it puts you at a significantly higher risk of fraud. Although verification is still required to use these details for transactions, if your device is hacked or has a virus then you could end up losing money.

7. Stay statement safe

Although this sounds like an old fashioned hacking tactic, fraudsters can still use old paper documents and bank statements for impersonation. The majority prefer to target businesses as it’s more lucrative, but not destroying your statements is still an unnecessary risk.

Make sure you dispose of them correctly, ideally in a shredder. Failure to do this could result in someone acquiring your sort code and account number which will put you at risk of fraud. If you use your app to view your statements, it’s a good idea to keep them saved there and not download them to your device. Banking apps are heavily encrypted so it’s a lot safer remaining within an app than on your desktop.

8. Be careful how you communicate

I always advise customers to think about common practice with any forms of communication from a financial provider and if anything seems out of the blue or unusual - don’t chance it. The beauty of using your financial apps is that all communication should be in-app and therefore if you receive anything by the way of phishing emails and SMS messages, it should be an obvious red flag. I’d also take care communicating your finances in front of your family and friends.

Useful links