Local and National Fraud and Security News
Links to external websites and stories are shared in good faith.
The Fraud and Security Management Service take no responsibility for the accuracy or content of any external website.
National Fraud News – Action Fraud’s Annual Fraud Free Christmas Campaign
Criminals don’t stop at Christmas, is the message from our colleagues at Action Fraud. They have launched their annual campaign, reminding us that criminals will be watching, expecting you to be distracted and busy over the festive period, so they can take advantage.
Here are 12 types of fraud to look out for this Christmas, as publicised by Action Fraud. Stay vigilant – and Merry Christmas!
National Fraud News – Festive Advent Calendar Scam Warning
November may seem too early to be thinking of Christmas, but it’s a prime time to remind you to please be on your guard for online shopping scams. The BBC published a recent article about an advent calendar scam you may want to be aware of.
Remember, if a deal seems too good to be true, it probably is.
International Fraud News – Fraud Awareness Week
17 – 23 November 2024 is International Fraud Awareness Week. There is information on the International Fraud Awareness Week website and also on the NHS Counter Fraud Authority webpages.
Samantha Willoughby, Head of the Fraud and Security Management Service, said, “While we strive to keep NHS organisations fraud-aware all year round, Fraud Awareness Week is a great opportunity to further reach out to staff and remind them of the importance of helping us to reduce fraud and corruption in the NHS.
“Our dedicated team of highly experienced Local Counter Fraud Specialists are on hand to provide training, advice and, if necessary, to investigate any concerns that you may have. Any suspicions of suspected fraud or corruption should be reported, in confidence, to your nominated Local Counter Fraud Specialist. Alternatively, reports can be made to the NHS Counter Fraud Authority. All reports are treated in confidence.
Local Security News – Patient Jailed For Attacking Hospital Staff
A patient has been sent to prison after admitting assaulting security staff at St Richards Hospital, Chichester.
National Fraud News – Stolen NHS Data Published
It has been reported that hacked NHS data has been published on the dark web.
The incident affects multiple London hospitals and highlights the importance of securing NHS data and the risk posed by hackers – not only to NHS organisations but other organisations entrusted with NHS data.
National Fraud News – Lincolnshire Nurse Struck Off For Working While Sick
A Lincolnshire Nurse has been struck off by the Nursing and Midwifery Council after it was found that she had worked in a care home while receiving sickness payments from an NHS Trust.
National Fraud News – Nurse Jailed After Stealing From Patients
A Nurse working at Addenbrooke’s Hospital in Cambridge has been sent to prison for four years and six months after admitting stealing over £100,000 from vulnerable patients.
National Fraud News – New Offence of “Failing to Prevent Fraud” Introduced
On 11 April 2023, the UK government announced the introduction of a failure to prevent fraud offence, as part of the Economic Crime and Corporate Transparency Act. The Act received Royal Assent on 26 October 2023.
The NHS Counter Fraud Authority (NHSCFA) have now provided guidance relating to the new Act, detailing areas for consideration.
It should be noted that the law applies to all UK business that meet the required criteria (any two of: >250 employees, > £36 million turnover, >£18m on the balance sheet). While NHS organisations will be covered by the new Act, most might be less vulnerable to such a charge, providing they work in accordance with the anti-fraud bribery and corruption framework set out in the Government Functional Standard: Counter Fraud (GovS 013), and in compliance with anti-fraud guidance set out by the NHSCFA.
Much of the guidance is written in respect of companies that defraud customers, which would not normally apply to the NHS.
The new law mirrors the corporate “Failure to Prevent Bribery” offence that was introduced as part of the Bribery Act 2010.
National Fraud News – Senior Nurse Struck Off for Taxi Fraud
A senior Nurse from St Thomas’ Hospital has been struck off by the Nursing and Midwifery Council after using patient’s names to falsely book over £5,000 of taxi travel during the pandemic.
National Fraud News – Hospital Consultant Sentenced after Forging Timesheets
A hospital consultant has been sentenced at Kingston Crown Court after admitting a £50,000 timesheet fraud while working as a locum at Kingston Hospital NHS Foundation Trust.
Local Fraud News – Best Holiday Wishes from your Fraud Team
We would like to wish everyone a happy and healthy holiday and New Year period and thank you all for your assistance in helping reduce fraud against the NHS this year.
Please remember that instances of attempted fraud (targeting you both at home and at work) rise at holiday times with fraudsters seeking to take advantage of changed circumstances. Please remain vigilant at work for anything that doesn’t seem right and remember that you can report any concerns, confidentially, to your Local Counter Fraud Specialist.
Please also take care at home – there are many ways that we can be targeted by fraudsters at home, you can protect yourself by reading our advice on personal fraud.
Stay safe and enjoy the festivities,
Your Fraud Team.
National Fraud News – Increase in Cyber-Fraud Attempts over the Holiday Period
Statistics show that reported instances of attempted Mandate and CEO Fraud rise significantly over the Christmas and New Year period, with criminals seeking to exploit understaffed departments and NHS employees working under additional pressure.
Mandate Fraud (also known as Payment Diversion Fraud) is a type of impersonation fraud where an employee receives fraudulent correspondence purporting to be from an existing supplier, requesting that the banking information for that supplier is changed. Lookalike or hacked email accounts can be used.
If the request is processed, the next legitimate payment due to that supplier will be diverted into the fraudster’s bank account. Sometimes the fraudster might first contact an employee responsible for finances and request that contact information for the supplier is changed, so, when a Mandate Fraud is attempted later, checks to confirm whether the request is legitimate are diverted to the criminal.
In both cases, once a payment is made, the money is rapidly moved through a series of ‘mule’ accounts which are then shut down making quick tracing and recovery almost impossible.
Salary Diversion Fraud occurs when an existing employee is impersonated and a request to change banking details for their salary payments is made to the Human Resources or Payroll Departments.
CEO Fraud occurs when the fraudster impersonates the organisation’s Chief Executive Officer or another director and contacts a Finance employee, normally using a hacked or lookalike email account, asking for an urgent transfer of funds or the purchase of vouchers.
All Finance, Payroll, Procurement and Human Resources employees should be reminded of the increased risk over the holiday period.
Staff should remain vigilant against:
- any request for a change in a supplier’s or banking or contact details,
- any request for a change in an employee’s banking or contact details,
- any request apparently from a director requesting that an unusual urgent financial transaction is undertaken.
All such requests should be treated with extreme caution and should not be processed until confirmed as genuine by verifying the request with a confirmed contact through already established or independently obtained contact details.
All staff should remain aware that emails can be easily hacked or spoofed and requests for changes should always be treated with suspicion. Links and attachments in emails from unexpected sources should never be opened.
All organisations should encourage staff to self-enrol their NHS email accounts with multi-factor authentication as a priority if not already configured. Further details for NHS mail accounts are available here.
Anyone that suspects that their email account has been hacked or spoofed should report the matter to the IT Department and immediately change their password.
Further advice on cybercrime can be found here.
Any incidents or concerns should be reported to your Local Counter Fraud Specialist.
Local Fraud News – Fraud and Security Management Service Shortlisted for two National Awards
The Fraud and Security Management Service has been shortlisted in two categories as part of the Public Sector Counter Fraud Awards, 2024.
They are one of five nominees shortlisted for the award Innovation in Fraud Prevention and are the only NHS nominee to reach the final five. They are also one of just two nominees shortlisted for the Outstanding NHS Initiative award.
The award results will be announced at a ceremony on 22 February 2024 in London.
Samantha Willoughby, Head of the Fraud and Security Management Service, said, “I am delighted that the outstanding work delivered by our team has been recognised by a team of experts. I am also enormously proud that, despite huge competition – with 90 submissions being made by fraud teams and experts from across the whole public sector, we were the only NHS local service to be shortlisted for the award in one category, and one of only two shortlisted in the other.
“It is rewarding that our efforts have been appreciated and this recognition will only serve to further increase our determination to minimise the impact of fraud and corruption upon the NHS.”
Local Security News – Anaesthetist Imprisoned for Stealing Drugs from Hospital
A Southampton man has been jailed for two and a half years after admitting the theft of large quantities of drugs from the Hospital that employed him.
Paul Winwright appeared at Southampton Crown Court in November 2023 for sentencing having previously admitted offences of theft from employer and non dwelling burglary.
Local Fraud News – Local Case Featured in New BBC Fraud Squad Series
The new series of Fraud Squad on BBC1 features a number of NHS fraud cases, including a local case dealt with by the Fraud and Security Management Service.
Episode eight of the current series (series five) features the story of the local GP who was jailed after gambling over a £1 million of NHS money.
You can catch Fraud Squad on BBC1 on iPlayer.
Note – although not mentioned in the programme, the case was a joint NHS fraud / Police investigation, and the interview under caution was conducted by two NHS Local Counter Fraud Specialists from the Fraud and Security Management Service.
National Fraud News – Senior NHS Manager Imprisoned for £560,000 Fraud
A senior NHS manager working for NHS Harrow Clinical Commissioning Group has been sentenced to three years and eight months imprisonment after pleading guilty to a £560,000 fraud. The court heard that the manager managed a team of staff within a CCG and had authority to sign off invoices up to a value of £50,000.
Between August 2018 and December 2020, he authorised and approved fake invoices for payment totalling £564,484.80. These were paid into a bank account registered to himself. He was the sole approver for all invoices submitted, and no services were delivered, or work conducted for the CCG by that company.
Sentencing him to three years and eight months in prison Judge Vanessa Francis said: “You have worked in the NHS all your life, you are clearly someone who clearly cares deeply about helping others. Yet you used the system to systematically defraud the local authority who had employed you to the tune in total of over £565,000.
“For an NHS department already in deficit, what you did was take away the opportunity for people to be treated, for people to be helped and get what they needed. It meant in practical terms the vulnerable people who needed care did not get as much care as they needed, and you are responsible for that.
“You abused the position of responsibility that you were given and in a relatively planned and sophisticated way.”
Local Fraud News – Increase in Phishing E-mail Reports
The Fraud and Security Management Service have seen an increase in reports of phishing email, particularly those that purport to be from your email client or ESR.
We would remind everyone that you should never follow links or click on attachments in emails from unexpected senders.
Those that respond to requests to “update their ESR information” (or similar) may give a criminal access to their ESR account, allowing the fraudster to change banking details and divert salary payments.
Further information on cyber crime and fraudulent email is available on this website under the fraud menu.
National Fraud News – Action Fraud Highlight Increase in WhatsApp Fraud Reports
Action Fraud report that large community and religious WhatsApp groups are being targeted by scammers who infiltrate them to try and deceive their members into sending them money. Since January of this year, 268 people have reported falling victim to this scam.
The fraud often begins when a member of the group receives a WhatsApp audio call from the fraudster, pretending to be a member of the group. This is done to gain the individual’s trust, and often the scammer will use a false profile picture and / or display name, so at first glance it would appear to be a genuine member of the group.
The fraudster will then call the victim and say they are sending a one-time passcode which will allow them to join an upcoming video call for group members. The scammer then asks the victim to share this passcode with them so they can be “registered” for the video call. What’s really happening is that the scammer is asking for a registration code to register the victim’s WhatsApp account to a new device where they then “port” their WhatsApp profile over.
Once the fraudster has access to the victim’s WhatsApp account, they will enable two-step verification which makes it impossible for the victim to access their account. The scammer will then message other members of the group, or friends and family in the victim’s contacts, asking them to transfer money urgently as they are in desperate need of help.
Oliver Shaw, Detective Chief Superintendent and Head of Action Fraud and the National Fraud Intelligence Bureau (NFIB) said:
“WhatsApp continues to be a popular platform for community and religious groups, but sadly also for fraudsters. Here, the scammers rely on the goodwill of group members and their intrinsic desire to help others in distress.
“We urge people always to be wary when receiving contact via WhatsApp or other messaging platforms. This is particularly the case when being asked to provide account information – despite the fact that you may recognise the individual’s profile picture and / or name.
“Never share your account information with anyone, and if you think it’s a fraudulent approach, report the message and block the sender within WhatsApp. To make your account more secure, we advise setting up two-step verification to provide an extra layer of protection. This makes it increasingly more difficult for fraudsters to gain access to somebody else’s WhatsApp account”.
Action Fraud indicate that victims targeted by this scam are often part of large WhatsApp community, alumni and academic, work groups, and religious groups (such as church or prayer groups).
What can you do to avoid being a victim?
• Never share your account’s two-factor authentication (2FA) code (that’s the six-digit code you receive via SMS).
• Set up two-step verification to give an extra layer of protection to your account. Tap Settings > Account >Two-step verification > Enable.
• THINK. CALL. If a family member or friend makes an unusual request on WhatsApp, always call the person to confirm their identity.
• You can report spam messages or block a sender within WhatsApp. Press and hold on the message bubble, select ‘Report’ and then follow the instructions.
National Fraud News – NHS Counter Fraud Authority Publish Annual Report 2022-2023
The NHS Counter Fraud Authority have published their Annual Report 2022-2023.
Local Fraud News – Fraud Specialist Cycling to Paris for Charity
We are pleased to report that Colin Edwards (Fraud Specialist from the Fraud and Security Management Service) and his team are three days into their charity cycle ride, and are doing well.
Colin and his friends are aiming to cycle from Hayling Island to Paris and back in just a week.
They are progressing as scheduled and the weather has been largely kind to them so far, being neither too hot nor too wet.
Colin, a keen cyclist, is raising money for the Solent NHS Trust Charity and donations can still be made on Colin’s Just Giving page.
National Fraud News – Fraud and Security Management Service Participate in National Fraud Conference
The first NHS Counter Fraud Conference was held in London in May 2023.
With more than 250 delegates, the conference brought together counter fraud professionals from all parts of the healthcare sector. Its aim was to foster learning, discussion, and collaboration across the different parts of the NHS and to strengthen the response to fraud and building awareness.
The event welcomed experts from NHS Counter Fraud Authority, the newly established Public Sector Fraud Authority, NHS Counter Fraud Services Scotland, NHS Counter Fraud Wales, and Counter Fraud professionals from NHS Trusts and Integrated Care Boards who discussed topics such as data sharing and insider fraud and different detection and prevention tactics.
Colin Edwards represented the Fraud and Security Management Team at the conference and was part of a panel that responded to questions from the audience and offered insightful tips on ways to effectively measure the financial and non-financial impacts of counter fraud controls. Colin offered practical ideas on how practitioners can work collaboratively with policy leads to integrate counter fraud measures into policy from the planning stage.
A recording of Colin and the panel can be found here.
National Fraud News – NHS Counter Fraud Authority Launch 2023-2026 Strategy
The NHS Counter Fraud Authority have launched their strategy for 2023-2026.
The strategy details the NHS Counter Fraud Authority’s planned response to counter the ever-changing risk of fraud, bribery and corruption in the NHS.
Local Security News – Police Reinforce their Commitment to Security Initiative – Operation Cavell
Operation Cavell was introduced by police forces across the UK prior to the introduction of the Assault Emergency Worker offence 2018 and the National Joint Agreement on Offences Against Emergency Workers 2020. The legislation provides clear direction on the definition of an Emergency Worker which is much wider in scope than might previously have been considered. The Joint Agreement provides a broad framework to ensure the more effective investigation and prosecution of cases where emergency workers are victims of a crime while undertaking their duties.
National Fraud News – Eleven Year Sentence for Fraud and Bribery Against the NHS
A former Theatre Manager at St Albans City Hospital Trust has been sentenced to 11 years in prison having been found guilty of six offences under the Theft, Fraud and Bribery Acts in March this year.
A Chief Executive Officer of Implants International and Xtremity Solutions Ltd (both of which were companies supplying medical equipment to the Hospital) was sentenced to 28 months in prison having been found guilty of one charge of bribing the Theatre Manager
A Director of TSI Med Ltd. had already pleaded guilty to one charge of bribing the Theatre Manager prior to the trial opening and was sentenced to 18 months in prison suspended for 18 months and 200 hours of unpaid work.
The investigation was undertaken by the CFA, with the prosecution led by the Crown Prosecution Service, with the total value of all offences being more than £600,000.
Local Fraud News – Local Counter Fraud Specialist to Cycle to Paris and Back to Raise Cash for the NHS
Colin Edwards, an LCFS from the Fraud and Security Management Service will be embarking on a mamouth 400 mile cycling trip from Hayling Island to Paris and back in July to raise money for an NHS Mental Health charity.
Coverage of the story by Portsmouth News can be read here.
Donations can be made on Colin’s Just Giving page.
Local Fraud News – Attempted Fraud Against Local Trust’s Cost of Living Hardship Scheme
A Trust employee has resigned immediately before a disciplinary hearing, after an investigation by the LCFS confirmed that they had attempted to defraud their employer’s Cost of Living Hardship Scheme.
The scheme had been set up to support staff in financial hardship during the cost of living crisis, and enabled them to apply for one-off grants to assist with emergency unforseen expenses, such as a broken boiler or car repair. Applications were considered by a committee chaired by an Assistant Director, and payments were awarded from existing charitable funds. The individual had made an application, but when asked for supporting paperwork to show the estimated cost of repairs they forged a quote and submitted it in support of the application.
An investigation by the LCFS confirmed that the paperwork was false and internal disciplinary proceedings were taken, led by the Human Resources Department.
A diciplinary hearing was scheduled, but the subject resigned before it was held.
The investigating LCFS, said, “This individual was extremely foolish. They attempted to defraud a scheme set up by the Trust to help staff who were genuinely in need. Had they been successful they would have been taking money away from other honest, hardworking NHS employees that may have needed the scheme. This action shows that every instance of suspected fraud is investigated and is taken seriously by the NHS.”
International Fraud News – Major Cyber-crime Website Shut Down by Police
The BBC report that a major cyber-crime website has been shut down following a large international Police operation.
The website contained victim’s personal data for sale, often at less than $1 a time, placing them at risk of cyber-crime such as identity or banking fraud. Unusually, the site was situated both on the ‘dark web’ and the ‘open web’, as opposed to just on the ‘dark web’ as would be more normal.
Globally 200 searches were carried out and 120 people were detained.
National Fraud News – Fake Psychiatrist Sent to Prison
A woman that forged a medical degree and worked in multiple roles in the NHS for over twenty years has been jailed for seven years. She had denied the charges against her but a jury found her guilty of of 13 counts of fraud, three of obtaining a pecuniary advantage by deception, two of forgery and two of using a false instrument.
In 2018 the woman had previously been convicted and sentenced to five years inprisonment after attempting to forge the will and powers of attorney of an elderly widow who had been one of her patients.
Read full details here.
National Fraud News – Police Winter / Christmas Fraud Advice
The Police have issued the following advice regarding fraud trends this winter and Christmas.
Energy Rebate Scams
Criminals continue to seek opportunities to exploit vulnerable individuals during the economic crisis facing the UK. It is noted that energy rebate scams continue to be a popular method of defrauding victims looking to save some money on bills. Offenders are sending out SMS messages, purporting to be from the Government, advising recipients that they are eligible for discounted energy bills under the Energy Bill Support Scheme, however, to receive their discount/rebate they will need to apply on the link provided. This link is of course, malicious and seeks to harvest personal and financial information.
Supermarket Gift Card Scam
A large phishing campaign has been circulated where offenders purport to be popular supermarket chains. The scam offers recipients a gift card voucher if they complete on online
survey. There is a link included within the email for victims to use to claim their gift card. The purpose of this exercise is to provide fraudsters with personal and financial information. Scams such as this one will continue to become increasingly appealing to the public as many struggle with rising costs across food items.
Banking / Police Impersonation Fraud
Victims are being contacted by fraudsters, purporting to be from a bank and are advising that they need to get the victims card blocked. The victims are then subsequently advised to withdraw large sums of cash from an ATM and that a taxi would attend the home address to collect monies along with the bank card. The victim is told to remove a portion of the money to give to the taxi driver and that they are not allowed to speak with the driver. In addition, victims are told that the job is confidential or a “hush job” and therefore they should refrain from speaking to anyone else about the event. This is a tactic that criminals use to isolate the victim.
Similarly, another MO of interest was identified where victims received a call and were advised that they were being contacted by the Fraud Investigation Department. They were advised that they were part of an ongoing investigation into fraud involving banks across their specific area. The victim was instructed to attend the bank and withdraw a large sum on money. The fraudsters call the victim a cab to ensure that they are going to the bank, and they remain on the phone with the victim the entire time, even when the handset is placed in a bag.
The victim then returns home and hands over the money to a courier, who provides them with a passcode. The victim is subsequently informed that the notes are counterfeit and therefore is instructed to complete several additional tasks to safeguard their funds, including transferring a total to an account that the scammers had advised was with the Bank of England. The victim was told, like the above, that they were not to disclose this with any friends or family. A new threat actor then contacted the victim to advise that they were taking over the case as part of the Serious Fraud Investigation Office. They then instruct the victim to complete more money transfers and withdrawals.
Christmas Criminals Awareness Campaign
As we head into the festive season, online shoppers are being warned about the dangers of seasonal scammers. A Cyber Aware campaign, from National Cyber Security Campaign, is being promoted to help inform and remind shoppers to bolster their cyber security and remain cautious of potential scams. The same period last year (Nov 2021 – Jan 2022) saw consumers lose a total of £15.3 billion, with each victim losing, on average, £1,000. The age group noted as being most at risk was those between the ages of 19-25 years old.
As many take to online platforms to purchase gifts or even to bag a bargain during Black Friday deals, this will continue to be a time period which many cyber-scammers look to exploit heightened online shopping habits.
Fraud and Security Advice – A Christmas Message
Christmas time sees an increase in attempted frauds, organisations will be targeted as they may be short staffed and therefore less vigilant, and you may be targeted at home too; so remember to question every contact via post, text, telephone or email asking you to do something unusual.
If you are partying, make sure that your friends and relatives know where you are and that you have made arrangements to get home safely.
There is lots of advice on staying safe on this website, a few minutes browsing could save you an awful lot of money or aggravation.
National Fraud News – International Fraud Awareness Week 13-19 November 2022
November 13th – 19th is International Fraud Awareness Week. Look out for messages from your Communications Team promoting the week and sharing useful information on how to protect yourself and the NHS from fraud.
Should you need any help or advice, or if you want to report a concern of suspected fraud affecting the NHS, you should contact your Local Counter Fraud Specialist. All contact is treated in the strictest confidence.
National Fraud News – Report Identifies Pandemic Savings
A recent report led by the NHS Counter Fraud Authority (NHSCFA) on local NHS healthcare spend during the COVID-19 pandemic has identified that good practice across NHS procurement saved millions of pounds during this unprecedented and challenging time.
National Fraud News – Fake NHS boss Jon Andrewes Faces £96,000 Confiscation Order
An NHS boss that lied to obtain positions that saw him earn £643,602.91 has been ordered by the Supreme Court to repay £96,000.
National Fraud News – Barclays Bank Reveal Scammers Tactics
Barclays Bank have revealed the common tactics used by scammers in order to manipulate their victims.
National Fraud News – Under 35’s Targeted by WhatsApp Fraudsters
The BBC report that under 35’s are the key target group for organised criminals using the WhatsApp messaging application to commit fraud.
Local Fraud News – Health Care Support Worker Prosecuted for Using Patient’s Bank Card
A Hampshire Health Care Support Worker has been prosecuted after stealing and using a patient’s bank card without permission while working at a local hospital.
The offence was identified by the Trust’s Local Counter Fraud Specialist who liaised with the Police and assisted with the investigation. Nahima Begum from Southsea, Hampshire, pleaded guilty to a charge of Fraud by False Representation at Portsmouth Magistrates Court. She was sentenced to a Community Order requiring her to complete 160 hours unpaid work. She was also ordered to pay £85 prosecution costs, a £95 surcharge fee and compensation to the victim.
Begum no longer works for the Trust where she had been employed.
Local Fraud News – Portsmouth Doctor Struck-Off After £1.13 Million Theft
A Portsmouth GP – Dr Rumi Chhapia, has been erased from the Practitioners List by the Medical Practitioners Tribunal Service following his conviction and imprisonment for stealing £1.13 million from the NHS to feed a gambling addiction.
Chappia had previously been sent to prision for three years and four months in November 2021 after admitting the offences at an earlier hearing held in September 2021.
Further details from the hearing will be available here.
International Fraud News – Huge Dark Net Site Taken Down
The BBC report that a huge dark net site, descibed as a “bastion of cyber crime”, has been shut down.
National Security News – New Security Video Launched
The Centre for the Protection of National Infastructure (CPNI) have produced a short film which introduces the quick actions a member of staff within a small business can take to lockdown their premises during a terrorist incident. These principles can be applied across many types of locations and ultimately acting fast can save lives. Further information can be found on the CPNI website.
Christmas Wishes From Your Fraud and Security Management Service
2021 has been a challenging year, we would like to extend our thanks and best wishes to everyone in the NHS for the remarkable job you have all done this year.
Please remember that while we may stop for a few days for some well earned rest over the Christmas holidays, the fraudsters never take a break and we must always stay on our guard to protect the NHS, ourselves and our families.
For a moment of light relief, we frequently warn that fraudsters are often highly organised and intelligent. However this isn’t always the case, as demonstrated in this story where two criminals were denied a £4 million lottery scratchcard jackpot as they bought the scratchcard with a stolen debit card. It’s good to see that there is some karma in the world!
We are sending our best wishes to you all and hope you all have a happy and healthy Christmas and New Year.
From your fraud and security management team.
National Security News – Providing First Aid During or Following a Terror Attack
Counter Terrorism Policing UK have released a video giving advice on providing first aid in the event of a terrorist attack. It reinforces the ‘Run, Tell, Hide’ message. It isn’t long, watching it may save lives.
National Security News – Government to Introduce ‘Harper’s Law’
The BBC report that the government are to introduce mandatory life sentences for anyone convicted of killing an emergency service worker. This change comes after months of campaigning by Lissie Harper, the widow of P.C. Andrew Harper, who was killed while on duty in 2019.
Local Security News – Reports of Increasing Violence and Aggression Against NHS Staff
It has been reported both locally and nationally that the recent difficulties faced by the NHS have seen an increase in reports of violence and aggression towards staff,.
Another local report can be seen here.
For help and advice on staying safe at work see our security advice, or contact your Local Security Management Specialist.
Local Fraud News – Hampshire Trust Prevents £176k Fraud
A local Hampshire hospital recently foiled an attempt by organised fraudsters to change the banking details for an existing supplier.
The fraudsters had hacked into an email account of the supplier and then continued an existing email conversation between the supplier and the Trust’s Finance Department. The fraudsters sent a series of messages culminating with the request to change the supplier’s banking details. Had the request been processed, the next payment of over £176,000 that was due to the supplier would have been diverted to an account run by the criminals.
Thankfully the Finance team had recieved training from the Local Counter Fraud Specialist and took the correct action upon receiving the request, the details were not changed and no money was lost.
This is a common fraud known as ‘Mandate Fraud’ and large organisations are targetted frequently. It is important that ANY request to change the banking or contact details held for an existing supplier is treated with extreme caution and the request is double-checked with a known contact at that supplier, contacted via an extablished and confirmed telephone number.
For more advice, contact your Local Counter Fraud Specialist, or you can watch this awareness video.
Local Fraud News – Ex-Practice Manager Given Police Caution for Forging Prescriptions
A GP Practice Manager who abused his position to obtain drugs by deception has been given a Police Conditional Caution following a criminal investigation which spanned the South East, South West and London regions, undertaken by a Local Counter Fraud Specialist from the Fraud and Security Management Service.
The investigation proved that the Practice Manager had committed fraud offences with at least four General Practices, by accessing patient systems and creating false prescriptions for his own use.
116 false prescriptions were found whereby a doctor’s signature had been falsified in order to obtain medication that would not have otherwise been prescribed and dispensed. This caused a loss from the NHS Clinical Commissioning Group’s (CCG’s) prescribing budget. The Practice Manager was subsequently dismissed from their employment with a General Practice in the South West region.
After the ex-Practice Manager absconded from the Hampshire area, they were traced and interviewed under caution at Trinity Road Police Station, Bristol, on 19 August 2021, when they admitted the fraud offences.
A decision was made with Avon and Somerset Police to issue a formal Police Conditional Caution, which the ex-Practice Manager accepted on 19 October 2021. The conditions imposed were that the individual was required to report any future work in the NHS; that they pay £500 compensation to the CCG and they provide letters of apology to each of the General Practices affected.
The Police Conditional Caution is a criminal record held on the Police National Computer.
National Fraud News – International Fraud Awareness Week 2021
November 14th – 20th is International Fraud Awareness Week.
The NHS Counter Fraud Authority estimates that fraud and corruption costs the NHS up to £1.21 Billion a year. It is important that we continue to raise awareness of the fraud issues that might affect us at work.
To support International Fraud Awareness Week your Communications Team will be circulating a number of fraud-awareness messages on your Intranet pages and via your organisation’s social media accounts. These messages are designed to raise awareness and help keep you and the NHS safe from fraud. Look out for them, they only take a couple of minutes to read and could prevent losses of thousands of pounds.
The International Fraud Awareness Week website has a useful downloadable document providing more generic information on fighting business fraud; you can access it by clicking the image to the right. While this is an American publication, most of the advice is still relevant to us.
Frauds affecting the NHS could be committed by:
Patients:
– obtaining treatment in false names to obtain additional drugs or avoid NHS charges
– altering prescriptions to obtain additional medication
Employees and contractors:
– working for another employer whilst receiving NHS sickness pay
– manipulating and abusing NHS accounts or credit cards for personal use
– submitting false claims for hours worked or expenses
– job applicants falsifying qualifications or references
– abusing trust to defraud the finances of a patient
External:
– phishing email
– emails impersonating Directors requesting financial transactions
– emails impersonating other organisations or staff requesting the bank details are changed to divert legitimate payments to the fraudster
– cyber ransomware attacks on I.T. infastructure
We rely on the honest majority in the NHS to help root out the dishonest few. Your Local Counter Fraud Specialist works for you and your organisation to reduce the impact of fraud and keep NHS money in our budgets. This year in the Hampshire and Isle of Wight area the Fraud and Security Management Service has identified frauds with a value of over £1,118,000 and our work has prevented further fraud losses totalling over £353,000. Over £240,000 has been recovered during the year to date.
If you have any questions about fraud in the NHS, or if you would like to report a concern, you should contact your Local Counter Fraud Specialist
Further information is also available from the NHS Counter Fraud Authority.
Local Fraud News – Portsmouth GP Sent to Prison for £1.1 million Fraud
A Portsmouth GP has been sent to prision for three years and four months after admitting the theft of £1.1 million to feed a gambling addiction.
The NHS Counter Fraud Authority have given the case national coverage and Richard Rippin, Head of Operations at the NHS Counter Fraud Authority has commended the: “excellent work undertaken by the Fraud and Security Management Service”.
Local Fraud News – GP Pleads Guilty to £1.1 Million Fraud
A Portsmouth GP who embezzeled £1.13 Million of NHS money has pleaded guilty to one charge of fraud at Portsmouth Magistrates Court.
National Fraud News – Two NHS Bosses Imprisoned for Serious Fraud
The BBC report that Stephen day, a 51 year old accountant from Perthshire, Scotland, has been jailed for 11 years and 5 months for: “industrial scale dishonesty”, which defrauded firms and the NHS of £1.4 million. Among the various offences that Day admitted, the court heard that he had held three full time NHS Director posts with different organisations simultaneously, hiding each from the others and earning over £2,000 a day.
Meanwhile, in June a former NHS I.T. Manager at what was Mid Essex Hospital Trust (including Broomfield Hospital) was imprisoned for 5 years and 4 months after admitting two counts of fraud by false representation and defrauding the NHS and HMRC out of £800,000. The case was brought following an investigation and financial investigation work by the NHS Counter Fraud Authority, working closely with the Trust’s Local Counter Fraud Specialist and HMRC.
National Fraud News – Mother Sentenced for Stealing Money Intended for her Disabled Daughter
The Crown Prosecution Service have published details of a mother sentenced for stealing over £73k intended to pay for her disabled daughter.
National Fraud News – NHSCFA Publishes Three Year Strategy
The NHS Counter Fraud Authority have published their 2020 – 2023 Strategy.
The strategy explains how they intend to use their resources and
commitment over the three year period (2020-2023) in the fight against NHS fraud.
It can be viewed by clicking on the image.
Local Security News, Portsmouth Hospital Staff Suffer 190 Attacks in 12 Months
It has been reported that staff at the Queen Alexandra Hospital in Portsmouth have suffered 190 physical attacks from patients and the public in twelve months.
Queen Alexandra Hospital
International Security News – Italian Man Sent to Prison for Threatening to Bomb the NHS
The BBC have reported that an italian man has been sent to prison for three years following a blackmail campaign whereby he threatened to bomb NHS hospitals, Black Lives Matter rallies and UK MPs.
Local Security News – Social Media User Fined for False Post About Queen Alexandra Hospital
It has been reported that Portsmouth Police have fined a social media user who had posted photos of Queen Alexandra Hospital and had falsely claimed that the hospital was not busy with Covid-19 patients.
Mark Cubbon, the Trust’s Chief Executive, branded the posts as disrespectful to staff working hard to look after Covid-19 patients.
The person responsible was traced and given a fixed penalty notice under the Health Protection (Coronavirus, Restrictions) Regulations 2020.
National Fraud News – HMRC Issue Warning Over Tax Rebate Scams
Self Assessment customers warned about scammers posing as HMRC.
HM Revenue and Customs (HMRC) have warned that Self Assessment customers should be alert to criminals claiming to be from the HMRC.
As the department issues thousands of SMS messages and emails as part of its annual Self Assessment tax return push, HMRC is warning customers completing their returns to take care to avoid being caught out by scammers. The annual tax return deadline is on 31 January 2021.
The department knows that fraudsters use calls, emails or texts to contact customers. In the last 12 months, HMRC has responded to more than 846,000 referrals of suspicious HMRC contact from the public, and reported over 15,500 malicious web pages to internet service providers to be taken down. Almost 500,000 of the referrals from the public offered bogus tax rebates.
Many scams target customers to inform them of a fake ‘tax rebate’ or ‘tax refund’ they are due. The imposters use language intended to convince them to hand over personal information, including bank details, in order to claim the ‘refund’. Criminals will use this information to access customers’ bank accounts, trick them into paying fictitious tax bills, or sell on their personal information to other criminals.
“If someone calls, emails or texts claiming to be from HMRC, offering financial help or asking for money, it might be a scam. Please take a moment to think before parting with any private information or money.”
Pauline Smith, Head of Action Fraud, said: “Criminals are experts at impersonating organisations that we know and trust. We work closely with HMRC to raise awareness of current scams and encourage people to report any suspicious calls or messages they receive, even if they haven’t acted on them, to the relevant channels. This information is crucial in disrupting criminal activity and is already helping HMRC take down fraudulent websites being used to facilitate fraud.
“It’s important to remember if you’re contacted out the blue by someone purporting to be from HMRC asking for your personal or financial details, or offering you a tax rebate, grant or refund, this could be a scam. Do not respond, hang up the phone, and take care not to click on any links in unexpected emails or text messages. You should contact HMRC directly using a phone number you’ve used before to check if the communication you have received is genuine.
“If you’ve been the victim of fraud, contact your bank immediately and please report it to Action Fraud online at actionfraud.police.uk or by calling 0300 123 2040.”
Customers can report suspicious activity to HMRC at [email protected] and texts to 60599. They can also report phone scams online on GOV.UK.
HMRC is also warning the public to be aware of websites that charge for government services – such as call connection sites – that are in fact free or charged at local call rates. Other companies charge people for help getting ‘tax refunds’. One way to safely claim a tax refund for free is to log into your Personal Tax Account.
HMRC has a dedicated Customer Protection team that identifies and closes down scams but asks the public to recognise the signs to avoid becoming a victim. HMRC regularly publishes examples of new scams on GOV.UK to help customers recognise phishing emails and bogus contact by email, text or phone.
Ways to spot a tax scam
It could be a scam if it:
- is unexpected
- offers a refund, tax rebate or grant
- asks for personal information like bank details
- is threatening
- tells you to transfer money.
Self Assessment customers can complete their tax return online and help and support is available on GOV.UK.
To protect against identity fraud customers must verify their identity when accessing HMRC’s online services. They must have two sources of information including:
- credit reference agency data
- tax credits
- P60/payslip
- UK Passport
National Fraud News – Huge Increase in Phishing emails
The Credit Industry and Fraud Avoidance Service (CIFAS) have reported a huge rise in phishing email during 2020, with the number of incidents projected to continue to rise by 15% year on year.
A ‘phishing’ email is an email pretending to be from somewhere or someone that it is not. It prompts the user to either follow a link to a spoof website, or to click on an attachment.
The spoof website requests personal information including login information, giving the fraudster access to the account, whereas attachments are normally ‘malware’ – malicious software that the criminal wants installed on the user’s computer.
CIFAS have reported that the most commonly impersonated brands are: Amazon. PayPal, Apple, WhatsApp, Microsoft Office, Netflix and Instagram. NHS staff are frequently trageted by phishing emails spoofing NHS net (email) and ESR in an attempt to gain access to user’s accounts.
More information on dealing with email fraud is here.
International Fraud News – Ransomware Attack Blamed for Hospital Death
The BBC has reported how a ‘ransomware’ cyber-attack on a German hospital contributed to the death of a woman.
It is a stark reminder that a cyber-attack could not only cost the NHS money (the ‘Wannacry’ attack in 2017 is estimated to have cost the NHS £93 million) but ultimately could result in the denial of treatment and potential loss of life.
It is strongly recommended that NHS staff follow the advice and best practice detailed on our cyber-crime webpage.
National Security News – Threat Level Increased to SEVERE
Following significant events in parts of Europe recently, the government have raised the security threat level to ‘Severe’. The increase has been made because security chiefs believe that an attack is highly likely but there is no specific intelligence of an imminent incident.
The move follows Monday night’s shooting in Vienna and last week’s knife attack in Nice, France, and a teacher’s murder in Paris last month. We should all look to carry on as normal without being alarmed, but remaining vigilant and alert to any suspicious activity in order to maintain our safety and security.
If you have any security questions or concerns you should contact your organisation’s Local Security Management Specialist.
Local Security News – New Staff Safety Page Added to the Website
A new Staff Safety page has been added to the site. The page provides staff with help and guidance to assist them in staying safe while at work and at home.
Much of the information is common sense, but it is worth a quick read through so you can make sure that you are doing all you can to reduce any risk.
The basis of the information has been provided by Hampshire Constabulary.
Local Fraud News – Automated Phone Call Warning
An NHS Trust has received several automated phone calls warning that the internet will be disconnected unless they press “1”. Calls like this are attempted frauds. If the call receiver does press a number, they will be connected to a person who will then try to extract personal details which they can use to commit offences, or they will pressure the call receiver to take actions which will allow them remote access to the computer systems. Another trick which can be used is to connect the call to a premium rate number then keep the receiver hanging on the line in order to create a large phone bill.
You may receive calls like this to your home phones as well as hospital phones.
If you receive such a call:
– Hang up immediately.
– Do not speak.
– Do not press 1 (or any other key on the phone).
– Never give out information or answer any questions.
– Do not verify the call by using any information given during the call.
– If you do wish to make further enquiries, use a different phone, or wait at least 20 minutes before using the same phone (in case the original fraudster is still controlling the line).
National Fraud News – Metropolitan Police Release Fraud Awareness Videos
The Metropolitan Police have released five very short fraud awareness videos on the following subjects:
– Test and Trace
– Phishing
– Working from Home
– Vishing
– Ransomware
Most last less than a minute and provide clear advice to help you protect yourself against fraud.
National Security News – Man Arrested For Stabbing NHS Worker At Brighton Hospital
It has been reported that a man has been arrested on suspicion of attempted murder following an incident at the Royal Sussex County Hospital in Brighton, where a staff member was stabbed.
Local Fraud News – DHL Invoice Fraud
It is reported that an NHS Trust Accounts Manager has received three emails in quick succession that appeared to be from DHL, The Trust concerned reported that it does have an account set up with DHL but it has never been used. The emails were sent to a named person in the Accounts Team who has never had dealings with DHL.
The emails, purported to have been issued by “DHL Accounts Dept” with an email address given as [email protected], read: “Dear Customer, Please find attached letter concerning your overdue account This is a system generated email. Please do not respond to this email. Invoice Copies can be retrieved from MyBill If you have any questions or concerns, please email [email protected]. Regards, DHL Express Accounts Dept.”
If you receive a similar email from DHL, you are advised not to click on attachments and to contact DHL directly via a known phone number or email address to confirm whether there are any outstanding invoices. DHL have been informed with regards to these concerns.
You should also notify your LCFS who will be able to record this matter and offer guidance and direction.
National Fraud News – Virus Alert
The Fraud and Security Management Service have been made aware of an instance of a ‘Harma Virus’ infecting a local NHS network. The virus is spread through the opening of an email attachment. Harma is a ransomware which focuses on locking all personal files on the host machine and then demands ransom payment for the decryption tool.
It is important that you do not open any attachments that you are suspicious of or that appear out of the ordinary. Be particularly suspicious of emails from people you don’t know or routinely do business with. Emails that purport to come from a known contact but are not written in their usual style can also be an indicator of a potential problem. Any suspected phishing/spam/scam emails can be reported to NHSmail directly at [email protected] by attaching the suspicious email to a new email before sending it.
If you receive any popup messages that look suspicious such as: “Your files have been encrypted” please contact your IT Service Desk immediately and power off your computer straight away.
Further information on protecting yourself against cyber-crime can be found here and advice to protect against email fraud can be found here.
National Security News – Gang Admits NHS Gas Canister Thefts
Four men from Norfolk have been told to expect substantial jail sentences after admitting stealing gas canisters from NHS hospitals.
Gas canisters are frequently targeted by criminals, especially during ‘festival’ season, it is recommended that they are always stored securely.
National Security News – Manchester Man Imprisoned For NHS Worker Attack
A 27 year old man of no fixed address in Manchester has been sent to prison for two years after attacking an NHS worker in Salford Royal Infirmary.
National Fraud News – NHSCFA Launches Expanded Reference Guide
The NHS Counter Fraud Authority has launched an expanded fraud reference guide which provides fraud definitions and detailed information on thirteen key areas of fraud, including case examples and preventative advice. The guide can be accessed here.
Local Fraud and Security News – Police Crime Prevention Coronavirus Update
Hampshire Police have issued a Crime Prevention update, which includes advice on new areas of potential crime relating to the Coronavirus outbreak.
National Fraud News – Action Fraud Issue Alert Regarding Coronavirus Scams
Local Security News – Suspended Prison Sentence for Hospital Attack
A woman who launched an attack against the Police and NHS staff has been given a suspended prison sentence. Read more here…
National Fraud News – BBC Documentary – Spying on the Scammers
A recent BBC documentary explains the risks of scam telephone calls. Watch it here…
National Security News – Secretary of State Speaks Out About Violence in the NHS
Matt Hancock, MP and Secretary of State for Health and Social Care has written to NHS staff setting out his concerns about the problem of violence experienced by NHS staff. Read more here.
Local Fraud News – New Series of BBC Fraud Squad
The latest series of Fraud Squad commenced on 3rd February 2020 on BBC1 at 9:15 am and episode six of this series features an investigation from Hampshire. The investigation was undertaken by the Head of the Fraud and Security Management Service and resulted in the imprisonment of a Procurement Manager who had been working at a local Trust.
The series provides a detailed look at the investigations undertaken by NHS and other government fraud investigators and the subsequent results when those cases reach court.
If you miss an episode it is available on catch-up services and on BBC iPlayer. The episode featuring the Hampshire case can be viewed here.
National Fraud News – Former Oxford University Hospitals CIO Sentenced for NHS Fraud
A senior NHS hospital manager has been sentenced to two years’ imprisonment, suspended for two years, after he was found to have lied about having a degree. Read more here.
Local Security News – Woman Arrested at Local Hospital for Assault and Criminal Damage
A Southsea woman has been arrested on suspicion of assault, criminal damage and a public order offence, following an incident at the Queen Alexandra Hospital Emergency Department in Portsmouth on Boxing day.
Local Security News – Four Men With a Knife Arrested at Local Hospital
Officers were called to Queen Alexandra Hospital in Portsmouth after a group of men, one of whom had been stabbed, caused issues in A&E while waiting for a doctor. Read more here.
Local Fraud News – Mental Health Nurse Given Formal Caution for Fraud
A Mental Health Nurse working at a Hampshire Trust has been given a Police Conditional Caution after an investigation revealed that they had worked for another employer while claiming sickness pay from the Trust.
The Local Counter Fraud Specialist (LCFS) undertook an investigation and found evidence that confirmed that the Nurse had worked at a care home during a period of sickness absence between December 2018 and January 2019.
The Nurse attended a voluntary Interview Under Caution at Portsmouth Police Station in November 2019 and was questioned by the LCFS. They fully admitted making a false representation, contrary to the Fraud Act 2006, by dishonesty stating that they were unfit for work when in fact they had been working for another employer.
The Nurse’s behaviour caused a £450.00 loss to the Trust, in the form of sickness salary payments that they were not entitled to. This loss does not take into account the additional staffing costs that were payable to temporary staff who provided care to vulnerable patients (over a crucial period) whilst the Nurse was absent.
It was agreed with Hampshire Police that a Conditional Caution was an appropriate sanction which would be held as a record on the Police National Computer (PNC). The subject was offered and accepted a Police Conditional Caution as an alternative to other criminal action. As a condition of this sanction the subject is required to repay the Trust the overpaid salary within 12 weeks or faces having to attend a Magistrates Court.
The Nurse no longer works for the Trust.
National Fraud News – Ex-Oxford NHS Boss Admits Lying About Degree
A former NHS boss lied about having a degree, a court heard (BBC News). Full story here.
National Security News – GP Guilty of Sex Assaults
A GP who cited Angelina Jolie and Jade Goody to instill fear in his patients about their health has been found guilty of sexually assaulting 23 women. Read more here.
Local Fraud News – Police Caution for Working While Sick
A former NHS Trust employee in Hampshire was given a Police Conditional Caution in December 2019, after admitting working full time as a taxi driver during a period of sickness absence from the NHS.
The matter was referred to the Local Counter Fraud Specialist after the employee had been seen driving a taxi while they were known to be absent from work. The subsequent investigation revealed that they had worked for a private taxi company throughout the sickness period, working an average of over fifty-eight hours per week.
The investigation highlighted that they had lied to their managers about the work during the absence period and again upon their return to work. The employee was interviewed under caution by the Local Counter Fraud Specialist at Southampton Central Police Station in December and admitted an offence of Fraud by False Representation. They were given the Police Caution on the condition that they repaid the fraudulently obtained sickness pay to their NHS employer, totaling £1,131.25.
A further loss of £267.39 was averted as sickness payments for the following month were frozen once details of the secondary employment were known.
National Fraud News – New Guidance Available to Prevent Fraud and Corruption in NHS Procurement
The NHS Counter Fraud Authority (NHSCFA) estimates the loss to the NHS from procurement fraud as £351 million (2017-18) each year.
To reduce the risk of procurement fraud, the NHSCFA has produced new guidance, in the form of eight fraud prevention quick guides covering the following subjects:
- Contract splitting.
- Contract reviews.
- Buying goods and services.
- Mandate fraud.
- Credit card fraud.
- Petty cash.
- Due diligence.
- Suppliers’ code of conduct: preventing fraud, bribery and corruption.
Each guide includes a brief overview of the fraud risk, along with information on how to spot the fraud, how to stop it and how to report a suspicion of fraud.
The guides can be provided by your LCFS or from the NHS CFA website.
Local Fraud News – Support Worker Dismissed for £3,000 Timesheet Fraud
A Support Worker from Hampshire has been dismissed after an investigation by the Local Counter Fraud Specialist (LCFS) revealed that the Support Worker had submitted timesheets for work that they had not done. The Support Worker was employed by a local hospital and worked for a temporary staffing agency at the same hospital.
The fraud came to light when the Support Worker submitted timesheets for temporary work at the same time they were working their normal substantive contracted hours. The investigation uncovered that seven shifts overlapped and the support worker had received over £750 for work they had not done.
The LCFS interviewed the support worker at a police station where the offences were admitted. The support worker made further admissions that they booked every available shift and did not check that they had undertaken the work before submitting the timesheets. The full cost of the fraud was over £3,000 which the worker agreed to repay.
Local Fraud News – Domestic Assistant Given Police Caution
A Domestic Assistant at a local Trust was issued with a Police Conditional Caution on 30th October and is facing disciplinary action after an investigation by the Local Counter Fraud Specialist (LCFS) revealed that they had continued working as a cleaner at a private organisation during a period of NHS sickness.
They admitted the offence during an interview with the LCFS at Southampton Central Police Station.
The fraud resulted in the incorrect payment of £681.97 in sickness payments and it was a condition of the Police Caution that the loss is paid back to the Trust within eight months.
Because of the prompt action taken by the LCFS and the Trust, the subject’s sickness payments were frozen the following month and a further loss of £1,406.50 was avoided.
National Fraud News – Pharmacy Director Imprisoned for Deliberate Overcharging
The director of a family chain of high street pharmacies in South Wales has been sentenced to 16 months’ imprisonment for deliberately overcharging the NHS for medicines at one of his branches. More information here.