More than 6,000 cases of Covid-related fraud and cyber-crime have been recorded by the UK’s police forces during the pandemic.
The Action Fraud team said £34.5m had been stolen since 1 March 2020.
It covers activity in England, Wales and Northern Ireland, but not Scotland.
In a related development, the National Cyber Security Centre said it is tackling about 30 “significant attacks” a month against the country’s pandemic response infrastructure.
These involve attempts to breach the NHS, vaccine producers and vaccine supply chains, among other organisations.
“There unfortunately have been a number of successful ransomware incidents against businesses – I can think of roughly around 10,” NCSC operations director Paul Chichester said.
There is one of the scripts used to con victims to believe they were talking to their bank.
Other figures disclosed by City of London Police, which co-ordinates efforts to combat fraud, include:
more than 150 related arrests were made since the pandemic began
more than 2,000 websites, phone numbers and email addresses linked to the crimes were taken down
there was a total of 416,000 reports of fraud and cyber-crime
The activity peaked between April and May 2020, and January 2021 – both times when lockdowns were in force.
This may be the tip of the iceberg.
The National Crime Agency estimates that just one in five fraud cases are typically reported to the police.
And the volunteer-run Cyber Helpline told journalists only a quarter of those who had contacted it after a cyber-attack said they had also reported the incident to the police.
Many of the scams involved conning people out of their money and financial details by focusing on internet shopping.
Related fraud was 42% higher over the pandemic than the preceding year, as criminals took advantage of the fact many physical stores had been forced to close.
Anna – not her real name – from Cheltenham was one of thousands of people who received an SMS message asking her to go online and rearrange a parcel delivery.
She filled in her details, but later suspected something was wrong. She alerted her bank and cancelled her bank card.
Anna came close to being thousands of pounds out of pocket
“I thought, now I have nothing to worry about, everything is fine and case closed,” she told the Media.
But the criminals used the details they had already obtained to authorise her bank to credit her account with a £9,000 loan.
And a short while later they called her, pretending to be the bank.
Not realising the scam, Anna told them she had not taken out a loan.
“They gave me the sort code and bank account number I needed to pay back the loan, and said if I paid the £9,000 there wouldn’t be any charges.
“But then I was still feeling suspicious, so I Googled the sort code, and it came up with a completely different bank.”
So, Anna called her bank directly and realised the scammers had returned.
“I didn’t lose any money but it did feel like a real burglary to be honest,” she said.
She closed her account, and changed her email address and mobile number. But she still does not feel safe.
Charities are also common targets.
One in three charities suffered a cyber-attack during the first 10 months of the pandemic, according to Ecclesiastical Insurance.
One victim actually specialises in offering cyber-security advice to others.
Hackers got inside Charity Digital’s network for seven days without being detected. They compromised its email accounts and sent false invoices to clients.
The organisation’s chief executive, Jonathan Chevallie, mentioned the breach had not been noticed in part because all his staff had been working from home.
Charity Digital spent more than £10,000 investigating the attack and has produced an online webinar to help…