For the majority, the pandemic has been a time of worry and concern for the future, but for some, it has been seen as an opportunity.
At a time of heightened sensitivity, with limited contact with the outside world, an unsolicited and convincing email, text or call urging action to be taken to prevent a possible sanction only adds to the stresses people have felt.
Perhaps in normal times, receiving such a communication could be discussed easily with a work colleague or family member to check if something is genuine, giving time to pause and think. With many in isolation however, there is not perhaps the same level of communication with others, leaving people with a feeling of needing to respond, and thus potentially exposing themselves to divulging sensitive information which can then be utilised for illegal means.
The communications can take many forms, and can appear to come from a variety of institutions, such as banks, online retailers, and even government institutions such as HMRC or the NHS. Changes to retailing practices requiring account updates, compromised bank accounts requiring action to prevent fraud and even the threat of criminal action for tax offences or suspension of accounts are just a few of the methods employed to try and coerce someone into giving up information they would not normally divulge. Whether it is a phone call or an email directing a person to click through to a link to provide information, these approaches all have the same common goal, and usually have the intention of trying to gain access to sensitive financial information.
If a communication is received which does cause concern, then the best advice in the short term is to pause and take time to look into it further before responding, or even responding at all. Many institutions such as banks and HMRC will never ask for information such as passwords, so it is worth contacting them through channels you would normally use to check whether they have in fact contacted you. Agencies such as the National Cyber Security Centre provide online practical advice as to what to do if something suspicious is received.
In many cases, a few short checks about the communication received will lead to a decision not to respond, and perhaps even to report the matter to the authorities. For some, however, the nature of the communications can be so convincing that they may not even know they have been targeted, and the first they learn of it is when access to a bank account is locked, or transactions have taken place which they were unaware of. In such cases, discussions with the relevant bank can usually resolve matters.
In some cases, however, compromised information can lead to more sophisticated activity, with companies being cloned and websites set up to divert traffic away from genuine sites. This can lead to enquiries from the authorities, as well as the need to face reputation issues as a result. Where an individual or company suspects that their details are being used by others for illegal means, it is important to react as soon as possible to prevent potential losses and also to prevent reputation damage. Seeking advice from specialist experts adept at dealing with issues concerning fraud and reputational damage will help limit any fallout which could arise.
The information in this blog is for general information purposes only and does not purport to be comprehensive or to provide legal advice. Whilst every effort is made to ensure the information and law is current as of the date of publication it should be stressed that, due to the passage of time, this does not necessarily reflect the present legal position. Gherson accepts no responsibility for loss which may arise from accessing or reliance on information contained in this blog. For formal advice on the current law please don’t hesitate to contact Gherson. Legal advice is only provided pursuant to a written agreement, identified as such, and signed by the client and by or on behalf of Gherson.
©Gherson 2021