Online crime during the pandemic
Online criminals adapted quickly to the changes brought about by the pandemic, with increasingly sophisticated scams. Business must prioritise raising awareness of online fraud and spotting the tell-tale signs of suspicious activity.
The emergence of a global pandemic last year led to a sudden and prolonged change in the way we live and work. Strict lockdowns brought in to limit the spread of the virus undoubtedly had a dramatic impact on certain types of crime as restrictions on freedom of movement also reduced opportunities for criminals. However, in other ways, the pandemic created a perfect storm for online criminals who were quick to adapt to rapidly changing circumstances.
One of the most prominent features of the pandemic was the shift to homeworking for much of the population. With others becoming increasingly reliant on technology to keep in touch with friends and family, online scams rose significantly. In March 2020 for example, just weeks after the first cases of COVID-19 were recorded in the UK, Action Fraud, the national reporting centre for fraud and cybercrime, reported a 400% increase in coronavirus-related fraud compared with the previous month.
Over the course of the last year as the scale of the pandemic became clearer, criminals were quick to target victims with increasingly sophisticated scams that played on people’s anxiety about the virus. These included fake websites offering face masks, hand sanitisers and other products that didn’t exist, or websites offering pets for sale taking advantage of the astonishing 3.2 million households who acquired a pet during lockdown.
As lockdown restrictions continued into the summer and the UK’s response to the virus ramped up through its track-and-trace and vaccination programmes, criminals became particularly effective at impersonating many trusted organisations, like the NHS and Royal Mail. There are probably very few of us who haven’t received a phishing email or text message from one or more of these organisations in the past year.
At the more disruptive and serious end of cybercrime, the threat from ransomware has grown significantly over the past 12 months and is fast becoming one of the main concerns for businesses across the country. Check Point’s Cyber Trends Report states that there has been a 93% increase in ransomware attacks globally in the first half of 2021 compared with the same period the year before.
Ransomware has clearly become an extremely lucrative business for cybercriminals with every sector a potential target. It’s also difficult to deal with as even if the victim is able to recover their encrypted data, the attackers often threaten to publicly release it anyway unless payment is made. This ‘double-extortion’ fraud is becoming more commonplace and potentially devastating for the business affected.
For victims of crime during the pandemic, the impact has been significant – and not just in relation to cybercrime and fraud. The charity Victim Support saw a particularly alarming increase in referrals from people being affected by domestic violence, up by 24% at its peak. They also saw a 65% increase in hate crime, with the most vulnerable in society disproportionately affected.
So, what does the future hold and will these trends become permanent? With online crime and fraud accounting for almost half of all crime in England and Wales, I think it’s unlikely we are going to see a dramatic change in the short term at least. As many businesses look to continue with the homeworking arrangements they put in place at the start of the pandemic, the focus is now on ensuring that staff continue to have access to company data while working remotely.
This means more businesses using the cloud to store their data. The criminals know this is where valuable data is kept, so improving the security of the cloud is going to become increasingly important.
However, if there is one positive outcome of the pandemic it is that many of us are now more aware of online fraud and are better able to spot the tell-tale signs of suspicious emails, links or SMS messages than we were before. Many business owners are also recognising the importance of cyber security, according to the latest Cyber Breaches Survey, published by the Department for Digital, Culture, Media and Sport (DCMS). In the survey, 77% of business owners now see cyber security as a high priority. But it’s still not enough.
Of course, it goes without saying that reducing the likelihood of becoming a victim of cybercrime and fraud should be a top priority for every business. Regularly reviewing your cyber security posture, implementing appropriate control measures and creating a positive security culture which encourages staff to report suspicious activity can make a huge difference. Vigilance is key – criminals are becoming increasingly sophisticated in their attacks and are always looking to find new ways to target their victims. But by working together with the cyber security industry, government and the wider law enforcement community, we can make a real difference and help make the UK one of the safest places to do business online.
For information and advice on cybercrime and fraud, please visit the Police Digital Security Centre website www.policedsc.com
Head of Cyber and Business Services
Police Crime Prevention Initiatives.