New Virus, Increased Risk
The landscape in relation to crimes committed against the NHS changed significantly in a very short period of time given the outbreak of the COVID-19 pandemic; we all need to be alert to emerging threats and the impact these crimes will have across all NHS service lines.
Currently the NHS is facing one of the most difficult challenges in its history, responding to the COVID-19 pandemic by ensuring funding, supplies and services are being delivered to those most in need. Whilst we are all working hard to help patients, NHS colleagues and our families, there remains a significant minority who will take advantage of this crisis to commit crimes for personal gain. This minority can have a major impact on the already stretched NHS finances and staffing resource.
As the NHS tackles the enormous task at hand, our adherence to the usual rules and organisational policies, systems and processes may become more relaxed when the demands of supporting service delivery become increasingly under pressure. For example, with the sudden changes to working practice, staff may be absent due to illness or deployed elsewhere with inexperienced or new staff being hired and given great responsibility. These pressures may result in the usual checks and controls being bypassed. Controlled areas such as procurement, the supply chain, recruitment, sickness and absence management, E-Rostering and security of secure and safe environments will take second place to our focus on saving lives.
We have reviewed all of our clients existing Fraud and Security Risk Assessments in the light of COVID-19 and the emergency measures introduced by the Government. In line with the NHS England / Improvement letter to NHS Executives, all NHS organisations were required to consider their fraud resilience and business continuity plans to ensure they had due consideration to potential fraud, bribery, corruption and security risks.
Whilst our Fraud and Security Risk Assessments assist our clients in identifying the risks, all NHS organisations are encouraged to continually review their risk registers, in line with their own local frameworks and update them to reflect the current position with regards to some of the well-known fraud and security risk areas during the national emergency. Risk registers should be further updated to consider and respond to emerging fraud and security risks arising from the COVID-19 pandemic.
Our Local Counter Fraud Specialist’s (LCFS) and Local Security Management Specialists (LSMS) have ensured that all of our client’s counter fraud, bribery and corruption and security risk arrangements are robust. We are engaging with clients regularly regarding emerging risk areas. Whilst we recognise that priorities are focused on defeating the virus, fraud, violence against staff and thefts pose a real risk to valuable NHS resources.
The Fraud and Security Management Service is regularly liaising with law enforcement and public sector colleagues and is continuously monitoring reports of fraud and other crimes against the NHS. We urge Executive NHS leads to be aware of and consider the Government Counter Fraud Function advice in the document ‘Fraud Control in Emergency Management: COVID-19 UK Government Guidance’. This document details imminent threats to the NHS and the various principles for effective fraud control.
Your Fraud and Security Management team is closely monitoring the fraud and security risk developments across our client base, the NHS sector and other sectors and will report further updates when intelligence and other information is received. In the meantime should you have any concerns relating to fraud, bribery, corruption and security please do not hesitate to contact your LCFS or LSMS directly.
Latest news and guidance
The stories here are listed in date order, with the newest at the top. Check back regularly to keep yourself up to date.
Warning Over Covid-19 Vaccine Phishing Attacks
The public have been warned to be on high alert to fraudsters seeking to exploit the news of the Pfizer vaccine to attempt to steal information. Cyber security experts have urged people to be careful of unsolicited telephone calls, text messages and emails from anyone offering to reserve them a jab of the new Pfizer vaccine.
Pfizer have said that, if successful, the vaccine will not be able to be bought privately.
Simon Fell, the Chairman of the All Parliamentary Group on Cyber Security, said that it was extremely likely that scammers would seek to take advantage of the news of the vaccine which could prevent coronavirus for up to 90 per cent of people
Record Numbers of Phishing Attacks Recorded During Pandemic
It has been reported that the Government’s National Cyber Security Centre (NCSC) dealt with 194 coronavirus-related incidents involving ‘hostile states’ and ‘criminal gangs’, which led to the overall number of serious attacks reaching a record of 723.
The newly created service where anybody could report a suspicious email to NCSC at email@example.com has received an astonishing 2.3 million emails, which, the agency has said, has resulted in 22,000 internet sites being taken offline.
The extra threat posed by state and criminal hackers meant that NCSC dealt with 10% more incidents in the year to 31 August, the highest level since the organisation was first formed in 2016.
Ransomware incidents – where a hacker disables an IT system or steals sensitive data and demands a payment for restoring or returning it (such as the wannacry attack in 2017 that impacted the NHS) saw a 300% increase in the past year.
Further information on protecting yourself and the NHS against cyber crime is available on the Fraud and Security Management Service’s cyber crime webpage.
New COVID Fraud Hotline Launched
A new COVID Fraud hotline has been announced by the Police in partnership with Crimestoppers.
However, concerns about Covid related frauds against any other part of the public sector can now be reported by calling 0800 587 5030. More information is available at www.covidfraudhotline.org.
Fake Covid-19 Tax Refunds Culprit Jailed
The CPS are warning the public to be aware after a fraudster was jailed for using the Covid-19 lockdown to offer fake tax refunds.
New Police Advice Issued
The Metropolitan Police has published two documents, one providing advice on staying safe should you receive contact from somebody claiming to be a Test and Trace Contract Tracer and the other providing general advice to avoid being taken in by the many common scams that you may be targeted by. Click each image below to view.
Scam Warning over Test and Trace
Councils in England and Wales have issued a warning that the public may be targeted by scammers pretending to be NHS test and trace workers.
NHS Workers Targeted by Insurance Scam
Key workers have been warned to be on the lookout for fraudulent insurance deals after a man was accused of targeting NHS staff as part of an alleged car insurance scam. The IFB and City of London Police have urged key workers to be wary of online deals offering significantly discounted cover, warning that victims could be left significantly out of pocket. Last week a London subject was arrested on suspicion of operating a ghost broking scheme and was accused of offering discounts on the fraudulent scheme to NHS workers via social media.
One in Ten Adults Victim of Coronavirus Related Fraud
A report from the Credit Industry Fraud Avoidance Service (CIFAS) states that more than one in ten UK adults have fallen victim to COVID-19 fraud: Opportunistic criminals are using COVID-19 to their advantage, having successfully scammed more than one in ten Brits out of about £556 each — collectively costing the nation £3.6bn.
A survey of 2,000 UK consumers found that 23% had been targeted by digital fraud between March and May of which 12% was Coronavirus related. Email and telephone fraud appeared most popular methods at 29% of reported cases each, while 12% of cases were carried out in person. 18% of cases related to requests to donate money for PPE, 16% related to donating to companies claiming to offer a cure for the virus while 16% related to buying goods in short supply that were not delivered (e.g. toilet roll or hand sanitiser.
A recent article on the BBC website details the many different types of Coronavirus related frauds that have been reported.
These shocking numbers demonstrate the need to remain vigilant, if you receive any kind of suspicious request for money or information you should contact your Local Counter Fraud Specialist.
Spotting the Trace and Track Scammers
The BBC have published an article giving advice on how to tell if a ‘trace and track’ call is genuine, with advice on how to spot false and fraudulent calls.
Organised Criminals Exploiting Loneliness During Lockdown
A charity has warned that organised criminals will be exploiting loneliness during lock-down to take money from romance scam victims.
Working From Home Advice: Is Your Call Confidential?
The National Fraud Initiative database website includes a warning for staff working at home to be wary of conducting confidential work calls or web-meetings within ‘earshot’ of Alexa or other similar devices.
Many of these devices are sound activated and recordings are retained, so confidentiality issues need to be considered. It is recommended that the microphones on such devices are deactivated before any such calls or meetings, or consideration is given to siting the unit in another room.
Organisations should consider including this advice in any working from home guidance and Communications Policy.
Fraudsters Target NHS ‘App’ Users
It has been reported that a text message scam targeting users of the NHS Coronavirus tracing ‘app’ has been identified and users are warned to be vigilant.
Key Workers’ Video Plea Targets Assaults on Frontline Staff
Nottinghamshire Police report that a video has been launched by doctors, nurses, paramedics, police officers, prison officers, firefighters and other frontline workers from across the county as they continue to work hard to spearhead the nationwide response to the outbreak.
Scotland Police Report Over 100 Coronavirus Related Attacks
It is reported that Police in Scotland have recorded over 100 Coronavirus related attacks.
Your Local Security Management Specialist would like to remind you that an assault does not have to be physical; spitting or deliberately coughing at someone can still be treated as a criminal matter. It is important that all incidents are reported, if you have suffered a similar incident please contact your organisation’s Local Security Management Specialist.
Local Government Association Reports Increase in Fake Covid-19 Related Goods
The Local Government Association is reporting that some councils have seen a “significant surge” in reports of scams by those seeking to exploit virus fears.
New Security Guidance Issued
The Centre for the Protection of the National Infrastructure (CPNI) have posted some security advice on their website for consideration during the Covid-19 pandemic, including a document called ‘Personal Security During a Pandemic’.
Multiple Charges and Convictions for Coughing at Hampshire Police Officers
A Portsmouth man has been charged with assaulting an emergency worker after coughing at a Police Officer and claiming that he had Coronavirus. A report of a second similar incident in Portsmouth can be viewed here. Meanwhile an Isle of Wight man has been jailed for six months for doing the same thing.
Woman Jailed for Deliberately Coughing at Police Officer
A woman in South Tyneside has been sent to prison for 21 weeks after deliberately coughing at a Police Officer.
Unprecedented Number of Scams Linked to Coronavirus Reported
The BBC have reported that law enforcement agencies report an unprecedented number of scams linked to the Coronavirus pandemic.
BBC Reports That Hundreds of Scam Covid-19 Online Shops Have Been Taken Offline in the UK
The BBC reports that criminals are taking advantage of increased online shopping following the Covid-19 pandemic, with 471 fake online shops that were selling fraudulent virus-related items being taken offline.
Google Blocking 18 million Scam Coronavirus Emails Every Day
It has been reported that the Coronavirus pandemic has resulted in millions of scam Coronavirus emails being blocked by Google every day.
Man Charged With Selling Fake CV-19 Treatment Kits
When people are stressed, ill, or scared, they can be more likely to accept things without checking and this can lead to bad decisions. This can make them vulnerable to unscrupulous fraudsters looking to profit from an unusual situation. This story details a case where a Sussex man has been charged for selling fake and harmful Covid-19 testing kits.
Security Management Specialist Warning – Staff Safety
There has been a number of articles and social media posts regarding possible assaults on NHS staff for their ID badges and uniforms.
Please see this report of a genuine incident in Lincolnshire.
The member of staff was shopping during the “NHS hour” of shopping at a supermarket and was attacked outside.
In addition, elsewhere over the weekend, it was reported that a person was seen watching the vehicle of a member of community care staff who was attending a patients home address. The HCA went back to the vehicle with a family member to find the rear window to their vehicle smashed and a rucksack stolen containing an iPad, purse and prescription pad.
The Security Management Specialist is aware that since COVID 19 the supply of illicit drugs into the UK has reduced significantly and as a result street prices of illicit drugs are rising, and their quality is diminishing. In addition the illicit trade in prescription medication is increasing.
Criminals will increasingly target healthcare premises to attempt to obtain a variety of controlled drugs and other medication to divert onto the black market and drug users may suffer increased harm due to their drugs being cut with other substances with an impact on urgent care and other drug related services. As a result controlled drugs and prescription forms are more likely to be targeted by criminals. Staff should ensure that they remain vigilant with the security arrangements around these items.
The messages to staff are:
- Where possible they wear a coat or similar over any uniform
- As far as practicable, do not wear uniform outside of work
- Only take out your NHS lanyard and identification badge when you are safely in premises and remove it before you leave
- Ensure that your lanyard and identification badge remain securely stored and out of sight
- All items identifying any vehicle as belonging to an NHS or care worker (such as car parking pass or ticket) should be removed
- Any valuables or other items should be locked securely in the boot out of sight.
HMRC Warning – Tax Avoidance Promoters Target Returning NHS Employees
HMRC has published an alert on Gov.uk relating to unscrupulous promoters of tax avoidance schemes, who are targeting workers returning to the NHS to help respond to the COVID-19 outbreak.
They are warning returning NHS workers to be very careful not to sign up to these schemes, which they consider to be tax avoidance. They are keen to ensure this message reaches as many returning staff as possible, who face the greatest risk of being targeted by these schemes.
New Police Advice on Covid-19 Scams
Hampshire Constabulary have issued new advice on the many and varied Coronavirus-related scams that have been reported to Action Fraud.
Covid-19 Leads to Increased Thefts
Reports are being received that the Covid-19 outbreak has seen a sharp rise in reports of theft of items such as scrubs, face masks, gloves and in particular hand gel / spirigel hand sanitiser. There have even been anecdotal reports of wall mounted dispensers being pulled off the wall and of the units and refills appearing for sale on eBay. While some items have to be left in public view (hand sanitiser for example) care should be taken to ensure that stocks are stored securely and usual best practices for managing and securing assets are followed.
Vulnerable Targeted by Covid-19 Scammers
The vulnerable are being targeted by unscrupulous scammers taking advantage of the Covid-19 pandemic, a report warns.
Latest Fraud and Security Management Service Advice
The Fraud and Security Management Service have produced a risks document which provides useful web-links and current information and guidance for all NHS organisations and their employees on how to spot and tackle the emerging fraud and security threats from the COVID-19 outbreak. The landscape will continue to evolve at a fast pace over the next 6-12 months and therefore our fraud and security management web pages will be a useful resource for all of our clients to assist them in understanding and managing the risks going forward. Download the COVID-19 Fraud & Security Risks Document.
Click to download
NHS England Controlled Drugs Team Alert
An alert from the NHS England Controlled Drugs Team issued on 25th March warned of an increased risk of the theft of controlled drugs and outlined measures that should be taken.
If you have not received the alert please contact either the NHS England Controlled Drugs Team or your Local Security Management Specialist.
Any drug thefts should ordinarily be reported as a crime via 101 and to your Local Security Management Specialist, BUT if there is any risk to yourself or others then in an EMERGENCY please continue to dial 999.
Hampshire Police Alert – Computer Service Software Fraud
Hampshire Constabulary have issued the following alert:
“We know many of you may be working from home today, helping to #StayHomeSaveLives, so we wanted to share the following advice from our Action Fraud colleagues.
As more people work from home due to #COVID19, fraudsters may capitalise on slow networks and IT problems, to commit computer software service fraud.
Be wary of cold calls or unsolicited emails offering you help with your device or to fix a problem.” More information here.
Click to enlarge
Latest Government Advice
Click to enlarge
The NHS Counter Fraud Authority has issued the latest Government Counter Fraud Function Guidance on anti-fraud action to be taken to mitigate the risks posed by the virus.
Latest Police Advice
On 14th March 20020, Hampshire Constabulary issued a Crime Prevention Update which included reports of increased CV-19 related crimes.
Click to download
Latest Action Fraud Advice
Click to enlarge
A warning from Action Fraud has been issued regarding increased CV-19 related fraudulent activity.
8,341 total views, 2 views today