UK businesses applying for government Covid-19 loans at increased risk of email fraud

An investigation released today by cybersecurity firm Proofpoint has found that 80% of banks currently accredited by the UK government for Coronavirus Business Interruption Loan Scheme (CBILS) loans could be putting loan applicants at risk of fraudulent email attacks during the application process.

Only 13 of the 64 accredited banks have implemented an adequate level of DMARC (Domain-based Message Authentication, Reporting & Conformance) protection. This protocol stops cybercriminals from spoofing an organisation’s identity and decreases the risk of email fraud for customers.

Cybercriminals regularly use spoofing to pose as government bodies or respected institutions, such as banks or financial organisations, by sending an email from a supposedly legitimate sender address. This makes it almost impossible for an ordinary internet user to distinguish a fake sender from a real one.

While the findings suggest that 80% of accredited banks are not proactively blocking fraudulent emails from reaching targets, 61% of the 64 accredited banks have no published DMARC record at all, leaving them wide open to impersonation attacks.

It comes at a time of heightened risk as the volume of cyberattacks utilising Covid-19 has increased dramatically. Initially, Proofpoint was seeing about one campaign a day worldwide but the team is now observing three to four each day across several languages.

Preventative measures

“By not implementing simple, yet effective email authentication best practices, these accredited organisations are putting already vulnerable businesses at even greater risk, whilst Covid-19 related attacks are on the rise,” said Adenike Cosgrove, Cybersecurity Strategist, International at Proofpoint.

“In times of urgency and uncertainty, individuals are much more susceptible to these kinds of attacks, particularly if a fraudulent email looks like it has come from a genuine domain. In tandem with the fact that the UK government has mandated this email authentication standard for public sector organisations, having the recommended level of DMARC protection is essential for any organisation accredited for the CBILS.”

In light of the increased risks, businesses should be wary of any communication that instructs them to hand over personal information or financial details. People should also ignore all unexpected solicitations by email. Banks will not ask for highly sensitive information via these channels.

Business owners should also avoid clicking on unknown links, even from senders that appear official. If the information contained in an email looks legitimate, corroborate it with an official source. In addition, keep an eye out for spelling and grammatical errors. If an official-looking email includes spelling mistakes, it’s unlikely to be legitimate.

To assess the level of DMARC adoption among CBILS-accredited lenders, Proofpoint conducted an analysis of the corporate domains of the 64 organisations featured on British Business Bank’s list of current accredited lenders and partners as of May 11th 2020.
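
The article separates domains with no DMARC record at all from domains that publish one but do not block spoofed mail. The sketch below is an added example, not Proofpoint's methodology or code: it classifies the TXT strings found at `_dmarc.<domain>` according to RFC 7489. The domain names, records and level labels are constructed for illustration, and the DNS lookup itself is assumed to have been done already.

```python
import re

# Constructed sample data: hypothetical lender domains mapped to the TXT
# strings found at _dmarc.<domain>. None of these are real survey results.
SAMPLE_TXT = {
    "lender-a.example": ["v=DMARC1; p=reject; rua=mailto:dmarc@lender-a.example"],
    "lender-b.example": ["v=DMARC1; p=quarantine; pct=50"],
    "lender-c.example": ["v=DMARC1; p=none; rua=mailto:dmarc@lender-c.example"],
    "lender-d.example": ["v=spf1 -all"],   # SPF published at the wrong name: not DMARC
    "lender-e.example": [],                 # nothing published
    "lender-f.example": ["v=DMARC1; p=REJECT", "v=DMARC1; p=none"],  # two records
}

def parse_dmarc(txt):
    """Return the tag dict for a DMARC record, or None if txt is not one."""
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    if not parts or re.fullmatch(r"v\s*=\s*DMARC1", parts[0]) is None:
        return None  # RFC 7489: the v tag must come first, v=DMARC1 exactly
    tags = {}
    for part in parts[1:]:
        name, sep, value = part.partition("=")
        if sep:
            tags[name.strip().lower()] = value.strip()
    return tags

def classify(txt_records):
    """Map the TXT strings at _dmarc.<domain> to a protection level."""
    records = [r for r in map(parse_dmarc, txt_records) if r is not None]
    if len(records) != 1:
        # No record, or several: receivers skip DMARC processing in both cases.
        return "no-record" if not records else "invalid-multiple"
    policy = records[0].get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        return "invalid-policy"
    if policy != "none" and records[0].get("pct", "100") != "100":
        return policy + "-partial"   # policy applied to a sample of mail only
    return {"none": "monitor-only"}.get(policy, policy)

def survey(txt_by_domain):
    return {domain: classify(txt) for domain, txt in txt_by_domain.items()}

if __name__ == "__main__":
    for domain, level in survey(SAMPLE_TXT).items():
        print(f"{domain:20} {level}")
```

Only the `quarantine` and `reject` levels instruct receiving mail servers to act on mail that fails authentication; `monitor-only` produces reports but leaves spoofed messages deliverable.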
