In this issue…

PAGE 2 Fake COVID-19 testing

PAGE 3 Phishing texts circulating

PAGE 4 Beginners guide to scams

PAGE 5 Scam updates

PAGE 6 Coronavirus scams

PAGE 7 Security matters

PAGE 9 NHSCFA guidance

Welcome to the latest

edition of Fraudulent

Times.

This newsletter has been designed to highlight areas of fraud within the NHS and to help you understand why we need to combat it effectively. By raising awareness of fraud cases it will help you to identify what fraud is and where it is most likely to occur.

As always, I hope that you will find our newsletter a useful and interesting read. We value feedback on the content so if you have any comments or suggestions for topics in future editions please email these to us at the address at the bottom of the page.

Craig Bevan-Davies

Assistant Director

Anti-Crime Services

360 Assurance

If you wish to report any concerns regarding fraud, bribery or corruption, please contact a member of our team (details can be found on the back page), ring our reporting line on 0115 883 5321, or contact the NHS Counter Fraud Authority Reporting Line on 0800 028 4060.

ISSUE 49 June 2020

A Newsletter from your Counter Fraud Specialist

counterfraud.360@nhs.net © 360 Assurance, 2020. All rights reserved.

Fraudsters have been quick to latch on to the coronavirus outbreak, with fake Centres for Disease Control emails and other scams already tricking the UK public out of £800,000, according to the police.

The National Fraud Intelligence Bureau (NFIB) have issued an urgent scam warning after identifying 21 cases of fraud involving coronavirus in February. Ten of the frauds involved desperate buyers of face masks, with one person paying £15,000 for masks that were never delivered.

Other frauds involve emails and texts purporting to be from research organisations affiliated with the Centres for Disease Control and Prevention and the World Health Organisation.

The NFIB said: ‘They claim to be able to provide the recipient with a list of coronavirus infected people in the area. In order to access this information, the victims needs to click on a link, which leads to a malicious website, or is asked to make a payment in Bitcoin.’

It added that it expected to receive many more reports of fraud as the coronavirus spreads globally.

The advice to consumers is not to click on links or attachments in suspicious emails, and never respond to unsolicited messages and calls that ask for personal or financial details. For a full breakdown of advice in relation to scams see page 4. (The Guardian, 2020).

Fraudulent Times

POLICE ISSUE WARNING AGAINST

CORONAVIRUS FRAUDSTERS IN UK

FraudulentFraudulent TimesTimes @NHSCounterFraud

The NHS Counter Fraud Authority (NHSCFA) recently launched an

expanded NHS Fraud Reference Guide. The guide is a simple but

essential way in which you can help in knowing how to spot NHS

Fraud. It contains information on different types of NHS fraud and

preventative advice, case studies and further resources. The guide contains new sections such as a

detailed look at 13 key areas of fraud, information on how to spot fraud, case examples and preventative

advice. The 13 key areas include procurement and commissioning fraud, pharmaceutical contractor

fraud, NHS staff fraud, EHIC fraud, fraudulent access to NHS care, NHS pension fraud and NHS student

bursary fraud.

You can find the expanded NHS Fraud Reference Guide here.

NHSCFA FRAUD REFERENCE GUIDE

The BBC has aired a second series of “Fraud Squad”, a series following the investigators

tracking down the criminals who steal £1.25 billion every year from the NHS—from organised crime rings

to NHS staff themselves. You can catch up on BBC iPlayer here: https://www.bbc.co.uk/programmes/

b0c2p9wb

Did you know?

A man has appeared in court charged with making fake kits which claimed to treat Covid-19.

Frank Ludlow, 59, was arrested in a Post Office near his home in West Sussex by the City of London

Police’s Intellectual Property Crime Unit after it was contacted by US counterparts.

The kits allegedly contained harmful chemicals which people were being told to use to rinse their mouths

with. Mr Ludlow has been charged with one count of fraud by false representation, one count of

possession of article for use in fraud and one count of unlawfully manufacturing a medicinal product.

He appeared before Brighton Magistrate’s Court and was remanded in custody until 20th April 2020.

Police officers have urged people to

seek advice only from registered

healthcare professionals. Tariq

Sarwar, from the Medicines and

Healthcare Products Regulatory

Agency, also said that people should

only buy medicines they need from

an authorised seller.

He added when buying online to

beware of illegitimate websites and

suspicious URLs. (BBC News, 2020)

counterfraud.360@nhs.net 2

CORONAVIRUS: MAN IN COURT OVER FAKE COVID-19 TREATMENT KITS

@NHSCounterFraud

FraudulentFraudulent TimesTimes @NHSCounterFraud

From websites selling fake COVID-19 blood screening tests taken down by several EU Member States’ law

enforcement authorities, to the seizure of substandard facemasks originating from Brazil, and the sale of

chloroquine via instant messaging apps: counterfeiters have been quick to cash in on COVID-19. The

outbreak of the coronavirus crisis has offered an opportunity for fast cash, as criminals exploit shortages

of genuine products and the anxieties of regular citizens. The profits generated by these criminals during

this time of crisis are likely very substantial, as these criminal operate in complete disregard of the health

and well-being of us all.

In a report published on 17th April 2020, Europol provided an up-to-date threat picture of counterfeiters

during the COVID-19 crisis. All information within the report is based on contributions from EU Member

States and Europol’s partner countries. Key findings from the report are detailed below.

The organised crime groups involved in the production and distribution of counterfeit goods have

once again proven highly adaptable in terms of shifting product focus, marketing and packaging to

suit or shape current demand. However, the main countries of production have remained the

same.

While some product offers for counterfeit goods related to the COVID-19 pandemic have appeared

on the dark web, the product offerings available there remain limited compared to the surface web,

which continues to host the primary distribution platforms for counterfeit goods.

Some of the platforms used to advertise and sell counterfeit goods pre-date the COVID-19

pandemic and have been monitored by law enforcement authorities. In addition to these

established platforms, a significant number of new websites were established for the express

purpose of profiting from the pandemic. These websites sell fake COVID-19 home test kits and offer

unconfirmed and often false advice on the treatment of COVID-19.

Some criminal groups may seize opportunities during the COVID-19 crisis to offer counterfeit or

substandard food items more widely due to increased demand following some citizen’s fear of

perceived food shortage.

Particular attention should be paid to developments and criminal innovation if a genuine vaccine

for COVID-19 is developed as this will likely prompt a wave of offers for counterfeit vaccines.

(Europol, 2020)

VIRAL MARKETING: COUNTERFEITS IN THE TIME OF PANDEMIC

counterfraud.360@nhs.net 3

Employees within the 360 Assurance client base have reported receiving a phishing text that reads:

’Donate to the NHS Charities Together Covid19 Fund and receive a home testing kit free of charge.’ The

sender is ‘NHSFund’. If you receive this text message please do not click on the link as the text message is

fraudulent. If you suspect fraud, bribery or corruption at work then this should be reported immediately

to your organisation’s Counter Fraud Specialist. For any concerns at home please contact Action Fraud on

0300 123 20 40 or report online at https://reporting.actionfraud.police.uk/login

CORONAVIRUS PHISHING TEXTS CIRCULATING

@NHSCounterFraud

Scams are getting more and more sophisticated, particularly when it comes to targeting you online and

through mobile devices. That’s why we think it is important that you know how you can recognize a scam, how to protect yourself and what you should do if you are a victim or have been targeted.

Scams can come in many forms, but are all designed to get hold of your money. They can do this by

getting you to reveal your personal details, stealing your information, or getting you to willingly hand over

the cash.

The tactics used by scammers and fraudsters can vary from someone coming to your front door to an

unexpected phone call. The internet and advances in digital communications have opened other ways for

scammers to target you and steal information. Chances are, you’ve come across the most common type

of scams—the spam email from a foreign prince or claiming to be from HMRC or your bank. However, while mail scams can be quite easy to spot and avoid, others are much more sophisticated.

Knowing what to be on the lookout for when it comes to scams is one of the best ways to protect

yourself.

Unsolicited or unexpected contact. If you have received any kind of contact, but particularly a phone call, out of the blue, it is best to avoid it. Since January 2019, there has been a ban on cold

calling about pensions. This means that you should not be contacted by any company about your

pension unless you’ve asked them to.

Email address. If you get an email, expand the pane at the top of the message and see exactly who

it has come from. If it is a scam, the email address that the message has come from will often be

filled in with random numbers, or be misspelled.

If it sounds too good to be true, it usually is. This is something you will normally find with pension or investment scams, where the fraudster guarantees you huge returns, but tells you it is low risk.

Personal details, PIN codes and passwords. These are things no legitimate company will ask you for.

Quick decisions. If you are pushed into making a decision on the spot, be suspicious. Scammers

don’t want you to have time to think about it.

Random competitions, particularly if you don’t remember entering them, should ring alarm bells.

You can find a more comprehensive list of the warning signs for specific types of scams here.

The next step to avoiding scams is to know how to protect yourself. While some of these are good advice

in general, many are aimed at keeping you safe online.

Avoid any unexpected contact. Any phone calls, letters, emails or people knocking on your door

should be ignored.

Never give out personal information. This could be used to steal your identity and access accounts.

Keep operating system and virus protection software up-to-date. Don’t ignore updates as these can

often include patches to protect against new kinds of scams, viruses and ransomware. This goes for

mobile devices as well.

Make sure all accounts have a strong password. Don’t use the same password for multiple accounts.

If you think that you have been scammed you should report it immediately to Action Fraud on 0300 123

2040 or use the Action Fraud online reporting tool.

A BEGINNERS GUIDE TO SCAMS

FraudulentFraudulent TimesTimes @NHSCounterFraud

counterfraud.360@nhs.net 4

@NHSCounterFraud FraudulentFraudulent TimesTimes @NHSCounterFraud

counterfraud.360@nhs.net 5

Warning about false Danske bank messages

Action Fraud are aware of a rumour currently circulating via

WhatsApp, SMS and social media which references the City of London

Police Fraud Team and claims that Danske Bank customers are being

targeted by a particular text message (smishing) scam. The content of

this message is false.

However, smishing scams are common. It’s important that you

remember that your bank would never ask you to move money out of

your account, or contact you out of the blue and ask for details such

as your full banking password or PIN.

Anyone who has divulged information after receiving this type of

message should contact their Bank immediately. (Action Fraud 2020)

Spoof Government Websites and Communications

A number of scams spoofing government websites and communications have recently been revealed.

Between Saturday 11 April and Tuesday 14 April 2020, Action Fraud received 23 reports of phishing

emails that purported to be sent from HMRC. The emails stated that the recipient was eligible to receive

a tax refund of up to £775.80. To complete the refund, recipients were asked to send proof of identity

and proof of address. Documents that were suggested included a person’s passport and a utility bill.

Between Wednesday 8 April and Thursday 16 April 2020, Action Fraud received 131 reports of phishing

emails in the style of official ‘GOV.UK’ emails and using the same logo and branding. These emails told

the recipient that they could get a reduction in their council tax because they were on low income or

receiving benefits. A link was provided for recipients to claim for their reduction which, they are told, will

be transferred directly to their bank account.

HMRC branded emails asking recipients to send copies of their passport, utility bills and bank statements

via a link to an infected site. Other variants of HMRC branded emails target businesses in relation to tax

returns and the Coronavirus Job Retention Scheme, These emails divert to fake websites to obtain

personal details.

UK Government free school meal scam emails, stating the following: ‘As schools will be closing, if you’re

entitled to free school meals, please send your bank details and we’ll make sure you’re supported’. The

UK Government has confirmed this is a scam email.

Commander Karen Baxter, City of London Police, National Lead Force for Fraud said: ‘It is extremely

important that if you receive an email or text out of the blue that you are not expecting, you don’t click

on any links or attachments . Instead, visit the official GOV.UK website by typing it directly into your web

browser so that you can ensure the information you are seeing is genuine. (Action Fraud, 2020)

SCAM UPDATES

@NHSCounterFraud

FraudulentFraudulent TimesTimes @NHSCounterFraud

counterfraud.360@nhs.net 6

Healthcare bodies, medical research organisations, pharmaceutical companies,

academia, and local governments have all been targeted. Most of these attacks used

‘password spraying’ to gain access to a large number of accounts. Europol reported that the Czech

Republic highlighted a cyber-attack on Brno University Hospital which forced the hospital to shut down

its entire IT network, postpone urgent surgical interventions and re-route new acute patients to a nearby

hospital.

Did you know?

Unfortunately, there are a small minority of individuals who will seek to exploit the COVID-19 outbreak to

line their own pockets. In fact, your Counter Fraud Specialist has been made aware of a number of scams that specifically relate to the COVID-19 pandemic. We have listed some below for you to be wary of,

however, this list is far from exhaustive.

TV Licensing: We’ve seen as many as four different TV license phishing emails in the last few weeks, some much more convincing than others. These fake emails

include claims that the TV license is about to expire and need to be renewed or

that the payment method has expired .

Virgin Media: Reports have been received of emails purporting to be from Virgin Media, informing recipients that their bill is ready. The emails include information

on how Virgin Media are responding to the COVID-19 outbreak. Other emails

advise the recipient that their account will be frozen because their payment

details could not be validated. Recipients are asked to click on a link to re-validate and amend their billing details. The links provides an opportunity for fraudsters to

steal email passwords and personal details.

EE: We have been made aware of spoofing messages purportedly from the UK’s

largest mobile phone network which try to steal personal information. The emails

use official EE imagery, luring victims with the subject line “View Bill—error” and

report that there has been an issue with the customer’s payment urging them to

update their details with EE. Once victims click the fraudulent link they are taken to a phishing page.

Amazon Prime: There have been reports of customers receiving automated phone

calls purporting to be from Amazon, telling them their Prime membership is set to

be renewed. The automated call tells customers that £79.99 will be debited from

their bank account for the renewal. Amazon Prime generally costs £7.99 a month,

and is billed on a monthly basis. The fraudsters give people the option of

cancelling the subscription over the phone. They are told to “press one” in order

to cancel the transaction. Upon doing this the victim is directed to a fraudster who is posing as an Amazon customer service representative.

HSBC: We have been made aware of emails purporting to be from HSBC which

claim to provide all customers with £500 due to the pandemic. Other banking emails state that the recipients account is compromised and require a new

account to be created for funds to be transferred.

WASH YOUR HANDS OF CORONAVIRUS SCAMS!

Telephone: 0115 883 5317

Mobile: 07920 711 764

Email: kelvinlangford@nhs.net or

kelvin.langford@emas.nhs.uk

Kelvin is responsible for the oversight of all Security

Management work we undertake.

We currently provide full Security Management

Services to all Nottinghamshire, Derbyshire and

Leicestershire CCGs.

Kelvin Langford

Principal Anti-Crime Specialist

(Security Management)

Security Matters

Secretary of State for Health and Social Care, Matt

Hancock, writes to all NHS staff about the problem of

violence faced by those working for the NHS. The letter

refers to the 2019 NHS Staff Survey which showed that

15% of NHS staff experienced physical violence from

members of the public and patients in the past year.

He highlights how going forward the NHS has joined forces

with the police and the Crown Prosecution Service to

approve a joint agreement on offences against emergency

workers. This will ensure that those who act violently and

with criminal intent towards NHS staff are swiftly brought

to justice.

It is essential that all leaders in the NHS at every level

support their staff, including enabling them to access any

training they need and use the full weight of the law, when

necessary, to protect their workplace. You can read the full

letter to the workforce, as published on 18 February 2020,

here.

VIOLENCE AGAINST NHS STAFF: LETTER TO THE

WORKFORCE

Since the coronavirus pandemic landed in Britain, NHS workers have suffered a number of thefts and

attacks from the public including two doctors who were approached for their ID badge in a failed

mugging; nurses being called ‘disease spreaders’ and being heckled in the street; a troll telling a

Staffordshire paramedic she ‘was the reason the COVID-19

death toll rises’ after she posted a viral selfie; and pharmacists

being intimidated and sworn at by customers.

As a response to the increasing levels of violence hospitals are

warning workers not to wear their uniforms in the street and

to cover their security lanyards/badges amid a spike in abuse

aimed at NHS staff. (Daily Mail, 2020)

FraudulentFraudulent TimesTimes @NHSCounterFraud

counterfraud.360@nhs.net 7

NHS STAFF ARE WARNED ABOUT ATTACKS DURING THE CORONAVIRUS PANDEMIC

@NHSCounterFraud FraudulentFraudulent TimesTimes @NHSCounterFraud

counterfraud.360@nhs.net 8

A man who claimed to have had COVID-10 has been jailed after coughing on Derbyshire police officers.

The incident happened on Thursday 2nd April in Swarkestone, South Derbyshire after police were called

following reported from members of the public that a man was being abusive and threatening.

When the officers arrived, they found a man carrying a two inch piece of wood and waving it above his

head in a threatening manner. He was arrested and the piece of wood taken off him. Whilst the officers

spoke to the man and asked if he was, or had been suffering from the virus, he replied: ‘I’ve already had

it, I’ve got over it and now I am a super spreader so…’ He then coughed in the direction of three officers.

The subject, Christopher McKendrick, who is 58 years old and lives in Swarkestone, was arrested. He was

later charged with offences: common assault, possession of an offensive weapon in a public place, assault

by beating of an emergency worker, and using threatening, abusive and insulting words or behaviour to

cause harassment, alarm or distress.

Mr McKendrick appeared at Southern Derbyshire Magistrate’s Court on Friday 3rd April where he

pleaded guilty to the offences. He was jailed for a total of 16 weeks and ordered to pay a victim surcharge

of £122.

Inspector Chris Thornhill, who is in charge of policing in South Derbyshire, said: ‘I am pleased that the

courts have taken swift and decisive action in this case, my officers are on the front-line and are putting

themselves at risk to protect others. They spoke to the arrested man to get information that would help

protect them and others and did not deserve the response they got from him. (Derbyshire Police, 2020)

MAN WHO CLAIMED TO HAVE COVID-19 JAILED AFTER COUGHING ON DERBYSHIRE POLICE OFFICERS

A man has been charged with fraud after allegedly spending six free nights at a hotel by claiming to be an

NHS worker.

Ben Quince checked into the Casa Hotel in Lockford Lane, Chesterfield, at the end of March on a floor

reserved for NHS staff. He stayed their for six nights and allegedly told staff he worked in the A&E

department at Chesterfield Royal Hospital.

The hotel is offering complimentary lodgings for health workers during the coronavirus pandemic. Mr

Quince, of no fixed address, has been charged with fraud by false representation. He appeared at

Southern Derbyshire Magistrate’s Court on Monday 6th April and was bailed to appear again at a later

date. (Independent, 2020)

MAN CHARGED WITH FRAUD AFTER PRETENDING TO BE AN NHS WORKER TO GET SIX FREE NIGHTS AT

A HOTEL

The Chartered Institute of Public Finance and Accountancy (CIPFA) have issued

guidance around protecting your supply chain from fraud. The document sets out fraud risks to be wary

of including mandate fraud, fictitious and unqualified suppliers, conflicts of interest and kickbacks. The

document also highlights how you can help protect your organisation from fraud. The key points made

are to always trust your gut, if something looks too good to be true, it probably is! Always make sure you

document all decisions and to not be pressurised, not everything needs to be procured quickly.

Did you know?

@NHSCounterFraud FraudulentFraudulent TimesTimes @NHSCounterFraud

counterfraud.360@nhs.net 9

The NHS Counter Fraud Authority (NHSCFA) have produced an array of COVID-19 guidance on their public

facing website. The information covers a number of key fraud risk areas in light of the current COVID-19 pandemic. You can view the NHSCFA’s website here, or alternatively use the links below to direct you to

specific guidance pages.

Protecting the NHS from fraud during COVID-19.

Emergency measures taken during the coronavirus

pandemic may pose an increased risk of fraud to the

NHS. This page provides advice and guidance for the NHS on emerging fraud risks relating to COVID-29, as

well as links to resources by stakeholders which may

able be helpful.

Mandate fraud risks. The guidance on this page is for

those staff working within NHS procurement, finance

and payroll teams, particularly those responsible for

setting up bank account details and processing bank

payments. It is important that managers and staff

remain vigilant as ever when paying suppliers as

analysis indicates that vulnerable periods—such as the COVID-19 pandemic—are more at risk for

mandate fraud to occur within the NHS.

Procurement fraud risks: staying vigilant. This page provides guidance to senior managers and staff of the

most prominent procurement fraud risks during the

COVID-19 pandemic. The NHSCFA’s immediate

concern is the relaxation of procurement rules and practices to allow NHS bodies to procure goods,

services and works with extreme urgency.

NHS recruitment fraud risks. The guidance on this

page is for staff working in NHS recruitment, human

resources and administration. It is important that

managers and staff remain alert to the possibility of false identity documents, false right to work

documents, failure to declare criminal convictions

and false qualifications.

NHSCFA PUBLISH COVID-19 GUIDANCE

Anti-Crime Contacts Craig Bevan-Davies (Assistant Director Anti-Crime)

The strategic head for all counter fraud and anti-crime work. Also responsible for: Sherwood Forest Hospitals NHS Foundation Trust,

Nottingham City Care Partnership.

0115 883 5323 craig.bevan-davies@nhs.net

07785445905

Matthew Curtis (Anti-Crime Team Manager) Responsible for: Leicestershire Partnership NHS Trust, Leicester City CCG,

East Leicestershire and Rutland CCG, West Leicestershire CCG.

0116 295 6905 matthew.curtis1@nhs.net 07920138329

Joanna Clarke (Principal Anti-Crime Specialist) Responsible for: Nottingham University Hospitals NHS Trust

0115 883 5321 joanna.clarke3@nhs.net 07816272666

Robert Purseglove (Principal Anti-Crime Specialist) Responsible for: Sheffield Health and Social Care NHS Foundation Trust,

Chesterfield Royal Hospital NHS Foundation Trust, Sheffield CCG, The One Health Group

01709 428 702 robert.purseglove@nhs.net 07827842964

Ian Morris (Anti-Crime Specialist) Responsible for: Lincolnshire Partnership NHS Foundation Trust, East Midlands Ambulance Service NHS Trust, Derby and Derbyshire CCG

0115 883 5319 ian.morris7@nhs.net 07920138606

Claire Croft (Anti-Crime Specialist) Responsible for: Barnsley Hospital MHS Foundation Trust, Sheffield

Teaching Hospitals NHS Foundation Trust, Rotherham CCG

01709 428 710 claire.croft1@nhs.net 07920138354

Liz Coleman (Anti-Crime Specialist) Responsible for: Nottinghamshire Healthcare NHS Trust, University

Hospitals of Derby and Burton NHS Foundation Trust, Derbyshire Healthcare NHS Foundation Trust

0115 883 5320 liz.coleman3@nhs.net

07785692226

Chris Taylor (Anti-Crime Specialist) Responsible for: DHU, Sheffield Children’s NHS Foundation Trust, Bassetlaw

CCG, Barnsley CCG

01709 428 701 christaylor2@nhs.net 07342072907

Amanda Smith (Anti-Crime Specialist) Responsible for: Rotherham, Doncaster and South Humber NHS Foundation

Trust, The Rotherham NHS Foundation Trust, Doncaster CCG

01709 428 701 amanda.smith61@nhs.net 07920138323

Taelor Martin (Anti-Crime Specialist) Responsible for: Nottingham and Nottinghamshire CCGs. Also provides

support for: Sherwood Forest Hospital NHS Foundation Trust and Nottingham City Care Partnership.

0115 883 5323 taelor.martin@nhs.net

07464251746

Shaun Fleming (Bank Anti-Crime Specialist) Responsible for the general support of all anti-crime work.

shaun.fleming2@nhs.net

24 Hour Hotline: 0800 028 40 60 Online Reporting Tool:

https://cfa.nhs.uk/reportfraud

FraudulentFraudulent TimesTimes @NHSCounterFraud

counterfraud.360@nhs.net 10