Coronavirus: a golden opportunity for fraudsters?

While businesses have their hands full with the impact of the coronavirus pandemic, fraudsters are taking advantage of the distraction to commit cybercrime.

The coronavirus pandemic has put businesses under a huge amount of pressure. Finances are strained, attention is focused on adapting to the huge changes the global lockdown has caused, and many businesses have had to quickly adapt to employees working from home or being absent. Whilst these businesses are dealing with this pressure, fraudsters are rubbing their hands together in glee, as these same pressure points provide them with opportunities to commit cybercrime.

Examples include:

  • An increase in push payment fraud. Fraudsters use weaknesses in online security to hack onto a business’ systems, then impersonate one of those business’ trading partner’s email addresses (often with only one letter different, making it very difficult to pick up), say they have changed their bank account details (perhaps using the coronavirus pandemic as an excuse) and ask for a trade payment to be made to the fraudster’s bank account. By the time the fraud is realised, the fraudster will aim to transfer the money out of reach.
  • Fraudsters might use the same tools to mimic creditors of a business to ensure funds are misdirected to their account.
  • Fake offers of tax refunds of financial support from HMRC, asking for a business’ contact details and bank card numbers.
  • Ransomware attacks, where fraudsters use the disruption caused by the coronavirus pandemic, and particularly seldom used work from home network configurations, to attack systems and encrypt data, demanding a payment to return data.

Businesses should be alert to a change in tone of communications with suppliers, new bank account details being provided, varied email addresses and a refusal to discuss the payment verbally.

If you do suspect there has been a fraud, it is important to act quickly to maximise the chance of recovering the stolen funds. In the context of a push payment fraud, for example, you should consider contacting the following as soon as possible:

  • Relevant banks (both your bank and the bank of the fraudster) to enable them to freeze the relevant account
  • The police
  • The legitimate trading partner/creditor, and
  • Your insurer.

We can assist you in:

  • Coordinating the above steps
  • Investigating how the fraud has happened and the extent of the loss
  • Advising you on next steps and taking action trace, preserve and recover stolen funds. There are a variety of tools the English legal system offers to pursue fraudsters, including obtaining orders against banks to allow them to disclose bank account statements so we can see where the money has gone, and freezing orders that freeze a fraudster’s bank accounts to stop them dissipating the funds any further.

For further information, see our articles on using Norwich Pharmacal disclosure orders to trace stolen funds here, on tackling fraud in the UK using freezing injunctions and similar orders here and on fidelity fraud here.


Our content explained

Every piece of content we create is correct on the date it’s published but please don’t rely on it as legal advice. If you’d like to speak to us about your own legal requirements, please contact one of our expert lawyers.

Mills & Reeve Sites navigation
A tabbed collection of Mills & Reeve sites.
My Mills & Reeve navigation
Subscribe to, or manage your My Mills & Reeve account.
My M&R


Register for My M&R to stay up-to-date with legal news and events, create brochures and bookmark pages.

Existing clients

Log in to your client extranet for free matter information, know-how and documents.


Mills & Reeve system for employees.