Parents have been warned about a phishing scam that appears to be from the Department for Education, offering free school meals due to the Coronavirus pandemic.
According to the National Crime Agency, there have been over 500 coronavirus-related scams and over 2000 phishing emails reported since the outbreak, with cybercriminals seeking to exploit fears and steal bank details, usernames and passwords.
The recent scam targets families entitled to free school meals with a phishing email stating, “As schools are closed, if you’re entitled to free school meals, please send your bank details and we’ll make sure you’re supported”.
The email then encourages the recipient to enter their bank details into a spoof website which will harvest the unsuspecting victim’s financial information. With these details, fraudsters can then use the account for money laundering, spend the victim’s money, or convert their funds into an untraceable currency, such as Bitcoin. They will even sell the bank details on the dark web.
According to researchers, the dark web is awash with such credentials, which are sold for profit. A study found that the details required to access Lloyds Bank accounts with balances of roughly £5,000 were on sale for as little as £400 each.
The scam follows the announcement that schools would be able to provide meals, or vouchers for supermarkets and shops, to ensure that children who are entitled to free school dinners still received food during the closures.
Crooks will often take advantage of current affairs and announcements, as victims are often less likely to double-check a domain or other suspicious details when the communication is timely and relevant.
Guidance from the Department for Education has urged parents to be wary of these scams and to only go through official channels. In a statement, the Department for Education said “We can confirm that this is a scam email and is not official. We urge parents that if you receive any emails like this, please do not respond, and delete it immediately.”
Phishing messages have been one of the most popular tools in the cybercriminal arsenal for years. However, the uncertainty of the current COVID-19 crisis has provided a new opportunity for them to take advantage whilst our attention is elsewhere. As the number of coronavirus-related phishing emails continue to spread, there are a number of simple ways to stay safe.
How to Stay Safe from Coronavirus Phishing Scams
- Never click on links or download attachments from unknown sources.
- Always take time to think about a request for your personal information, and whether the request is appropriate.
- Seek information from trusted sources.
- Pay close attention to the spelling of an email or web address in it. If there are any inconsistencies, delete it immediately.
- Ignore and delete emails with poor grammar and formatting.
- Question the validity of any email that asks you to submit personal or financial information.
- Be suspicious of emails or text messages that are threatening or urgent in tone.
- Install the latest anti-virus software solutions on all your devices.
- Use strong, unique passwords to reduce the chance of devices being hacked.
- Consider the use of a password manager to maintain the security of multiple accounts.
Free Coronavirus Awareness Assets
In this time of uncertainty, MetaCompliance is committed to supporting organisations mitigate the risk of cyber threats.
To help communicate good cyber hygiene and vigilance, we have created a bank of free digital assets, which you can use to support your communications during this challenging time.
Click here to access your free awareness assets.