As many staff are currently working from home, please make sure you are aware of the increase in the following scams:

WhatsApp security

We have been made aware that a member of staff’s ‘WhatsApp’ account has been hacked into and their contact details in their phone have also been accessed.

If you use WhatsApp for communicating with colleagues please be extra vigilant. We recommend that you set up the two factor authentication on your account to add an additional level of security.

Please also refer to WhatsApp FAQ, Staying Safe on WhatsApp.

Please also ensure that you adhere to the Trust policy on the use of social media applications

  • Each group must have a designated owner & assign administrators as required to control access
  • Patient identifiable data (PID) must not be shared via communication apps
  • No photos, videos or PID must be stored on the user’s personal phone whilst using communication apps.
  • When sending messages via the communication app users must check the recipients before sending messages to ensure all contact details are correct.
  • Users are responsible for taking all reasonable steps to safeguard their device.
  • Users must not screen print or copy the screen.
  • Users must not voice record without acknowledgement and consent of those they are recording.

Phishing emails/Fraud/Ransomware

Action Fraud has received over 1,000 reports of coronavirus-themed phishing attempts. People are clicking on links in emails and opening attachments, which then compromise their personal information, email logins, passwords and banking details. Some of the tactics being used by fraudsters in phishing emails include:

  • Purporting to be from the Centre for Disease Control and Prevention (CDC) and World Health Organisation (WHO) offering to provide a list of active infections in specific areas. Corrupt links will take victims to a credential-stealing page or make involuntary payments into a Bitcoin account.
  • Publishing misleading articles about the virus outbreak with a link to a fake company website where victims are encouraged to click to subscribe to a daily newsletter for further updates.
  • Sending investment and trading advice to take advantage of the coronavirus downturn.

What to look out for:

  • Many phishing emails have poor grammar, punctuation and spelling.
  • Poor design and overall quality.
  • Is it addressed to you by name, or does it refer to ‘valued customer’, or ‘friend’, or ‘colleague’? Are the latter generic ones, the scammer?
  • Asking you to act urgently? Be suspicious of words like ‘send these details within 24 hours’ or ‘you have been a victim of crime, click here immediately’.
  • Does the sender sound legitimate? Or trying to mimic someone?
  • Sound too good to be true? It probably is. It’s most unlikely that someone will want to give you money, or give you access to a secret part of the internet.
  • Your bank, or any other official source, should never ask you to supply personal information from an email.
  • If unsure, check any claims made in the email through another channel.

Wider fraud

The NFIB (National Fraud Investigation Bureau) has suggested, that the following fraud types could increase during the COVID-19 outbreak:

  • Online shopping and auction fraud
  • Computer software service fraud
  • Lender loan fraud – people may look to quick loans to see them through tough times
  • Mandate fraud – with more people working from home, it may be easier to impersonate senior decision makers and request a change in direct debit or standing order payments.
  • Investment fraud including pension liberation fraud – fraudsters could create bogus investments in commodities in high demand, e.g. oxygen or anti-bacterial gel.

Computer software service fraud

Criminals may cold call you claiming there are problems with your computer and they can help solve them. They often use the names of known and trusted companies such as Microsoft and Apple, they may also use the name of your Broadband provider.

The criminals may ask you to complete a number of actions on your computer, and may even be able to demonstrate an “error”. Then they tell you they need remote access and ask you to download software, this is known as a Remote Access Tool.

This gives the criminal complete access to everything on your computer. They can access and copy your data or download malware to monitor what you do in future.

Never give an unsolicited caller remote access to your computer.


  • Banking Trojan being disguised as ‘ways to get rid of Coronavirus’, convincing potential victims into downloading malware.
  • Fake websites masquerading as coronavirus tracking maps. When users visit the fake site, they’re infected with malware designed to capture sensitive information, including logins for banks, email accounts and social media platforms.


Reporting to Action Fraud can be done online here or by calling 0300 123 2040.

To report offers of financial assistance from HMRC, contact