Cifas Homepage
NewsroomCareersContact Us

Coronavirus: fraudsters target home workers

29 May 2020

Fraudsters target home workers

During the course of lockdown we have seen a major trend in fraudsters targeting businesses who’ve made the transition from the office to home working. With a lot of our work now moving online in one way or another, it’s no surprise fraudsters are targeting everything from emails to recruitment.

One of the fastest growing threats during the pandemic has been the targeting of file sharing and cloud storage software.

File sharing platforms are being used more frequently throughout lockdown and fraudsters have been quick to exploit vulnerabilities with phishing emails. These emails look legitimate and trick trusting recipients into clicking links by stating someone has just shared an 'important file' whith them. Many of these phishing emails go with a business continuity theme with file names such as, ‘Covid-19 Update’, ‘Coronavirus Business Plan’, and ‘Coronavirus: all you need to know’. The link then directs the recipient to a page harvesting personal and company credentials.

Another popular phishing campaign we’ve seen are business email compromise scams (BECs). BECs have always been a persistent threat to businesses, but are now definitely on the rise during lockdown and extremely dangerous.

BECs are emails that appear to come from within the business, say from the CEO or Finance Director, requesting urgent payment to be made and often claiming the company is at some sort of risk. The email header will be spoofed so it appears to come from within the company, and fraudsters will usually have done their homework by researching the name and position of senior people within the business.

BEC scams remain one of the most profitable and widespread threats popular among fraudsters with recent reports quantifying global losses in excess of £9.7bn.

Along with email spoofing, website spoofing has also been a major issue targeting video conference applications. These video tools have become extremely popular and vital to many organisations, with Zoom, Microsoft Teams, Skype and Google Meet being amongst the most popular.

Analysis from Kaspersky uncovered a total of 120,000 suspicious malware and adware packages masquerading as versions of these major video calling apps. The main purpose of these spoofed websites is to harvest personal and financial information.

Speaking of harvesting personal and financial information, recruitment scams have also been a major issue during the lockdown. Recruitment scams come in all shapes and sizes, from WhatsApp messages to fake ads on social media.

According to Action Fraud, job seekers aged between 18 and 24 are the most likely to be targeted by job scams, losing around £4,000 on average. SAFERjobs is a great resource for job seekers and employers including advice for if you suspect that you have been targeted, treated unfairly or been the victim of a scam.

Don’t get caught out

Many of us will continue to work from home for the foreseeable future, and so it’s vital every homeworker can spot a hook before they bite.

Payment or transfer requests? Remember that any request to move money, purchase gift cards, or any other monetary purchases should be checked with your line manager or colleague using a pre-existing contact route – do not use contact information or links in the email or those provided by the person contacting you.

New to video chat and video conferencing? It is extremely important to make sure that the software you use for online meetings is downloaded from the legitimate provider’s website, is set up properly and doesn’t leave unpatched security gaps for fraudsters to exploit. You can also add a meeting password and ID in certain applications, meaning no uninvited guests can attend. The simplest step you can take is to never download an application from outside an official app store or company website.

File sharing with colleagues? Get into the habit of calling colleagues or messaging them when you are sending files, and expect the same in return. This simple heads up can help sound alarm bells if a phishing email lands in your inbox.

Applying for jobs? Red flags to spot include; being asked to pay money as part of the application process (such as a 'pre-employment screening fee'), messages which reference coronavirus (COVID-19), and asking unnecessary personal questions.

When in doubt stop, take five, and think carefully and critically about what you are doing or what is being asked of you.

Posted by: Amber Burridge

Amber is the Head of Fraud Intelligence at Cifas.


Finding new ways to identify internal fraud

11 June 2020

The insider threat is evolving - now more than ever following the COVID-19 outbreak. Organisations may be finding that they are more vulnerable to fraud and that the risk of internal threats has increased.



14 May 2020

We are living in a time where the internet has become more essential than ever before. It’s important we check in every now and then and ask ourselves, how healthily am I using the internet?

Back to blog home >
Posted by: Amber Burridge

Amber is the Head of Fraud Intelligence at Cifas.