Simply Business homepage
  • Business insurance

    Business insurance covers

  • Support
  • Claims
  • Sign In
Call Us0333 0146 683
Our opening hours
Covid-19 Support Hub

How to protect your business against coronavirus scams

4-minute read

Simply Business Editorial Team

31 March 2021

Share on FacebookShare on TwitterShare on LinkedIn

Since we all started spending a lot more time online, business owners have reported a rise in scams that capitalise on the pandemic.

Scams include phishing emails, fake HMRC tax refunds, fake vaccine appointments, as well as investment scams. We’ve all seen them, but fraudsters can be very convincing, so it can be easy to fall into the trap. Here’s how to protect yourself – and your business.

According to the police, there have been more than 6,000 reports of scams relating to coronavirus during the pandemic. And figures from Action Fraud show that £34.5 million has been lost to scams since 1 March 2020.

General security advice includes using two-factor authentication for your email and business accounts, turning on automatic backup of your important data, and using security features on your devices.

There's also a national campaign, Take Five, to stop fraud – but what else can you do?

1. Remote access scams

Scammers use social engineering – a term used to describe how fraudsters use human psychology to manipulate people by preying on their fears – to get people to give them access to their devices from any location. By pretending to be your bank or phone company, for example, scammers convince you to download legitimate remote access software like TeamViewer or GoToMeeting.

With a simple passcode, they’ll then be able to control your screen and can download software or steal bank account details and passwords without you knowing.

How to protect yourself

It’s very difficult to get money back from your bank if you’ve willingly given someone permission to access your device.

If you think you might have been scammed, you should contact your bank immediately, change your passwords, and report it to Action Fraud.

While fighting this type of cybercrime needs support from all areas of society, you should remember to never install software if a cold caller asks you to. If it seems convincing (which it often does) you can always hang up and contact the organisation directly using a verified phone number or email address.

Pauline Smith, Head of Action Fraud, said: “Unsolicited requests to remote access your computer should always raise a red flag. It’s easy to feel embarrassed when faced with unexpected or complex conversations but it's okay to stop the discussion if you do not feel in control of it.”

2. Fake HMRC emails

You may have seen scam emails claiming to be from HMRC before. They usually promise a non-existent tax refund to get you to enter your financial details – this is a Covid-19 variation.

This coronavirus scam says that the government has established a new ‘tax refund programme’ to help the self-employed protect themselves.

HMRC scam example

HMRC has also highlighted an SMS message they’ve seen that promises a ‘goodwill payment’ from the tax authority. While other scam callers claim to be HMRC informing you about a ‘fraud case’ in your name.

How to protect yourself

While these messages may look real enough on the surface, they’ll usually contain errors, typos and odd phrasing.

HMRC says that you shouldn’t reply to the email or SMS, or open any links in the message. HMRC will never send email notifications about tax refunds or rebates and you can always contact HMRC if you’re not sure about something you’ve received.

You can forward a fake email to HMRC to help in their investigations against scams (just make sure you delete it after).

Read about how to check whether HMRC emails are genuine.

3. Fake communication from local councils

Swansea Trading Standards issued a warning about a scam message offering residents a payment “as part of its promise to battle Covid-19”.

The link takes you to an official-looking (but fake) page that asks you to enter your card details, including your security number.

Cyber crime Swansea

How to protect yourself

Again, these messages will usually have typos and errors. Another clue is in the URL. If it’s an official government website, the registered domain will have ‘gov’ in the URL.

You should delete any messages you get like this without clicking on the links.

Mark Thomas, Cabinet Member for Environment and Infrastructure at Swansea Council, said: “Ensure that if you receive anything like this you check the origins of the contact and stop and think are you expecting this contact.”

4. Cyber attacks

The National Cyber Security Centre (NCSC) highlights that organisations of all sizes have been working remotely since the outbreak of the pandemic. So if you have employees working at home, you could be facing additional cyber security challenges.

Hackers and scammers could get hold of data or passwords if you don’t take the right cyber security measures.

Sign up for our newsletter

Stay up-to-date with the latest from the Simply Business coronavirus support hub.
Sign up now to get guides, resources and offers.

Your email address will be used by Simply Business so that we can send you the latest guides, offers and tips. You can unsubscribe from these emails at any time. For more information, check out the Simply Business Privacy policy.

How to protect yourself

The NCSC says that you should create strong passwords and use two-factor authentication (2FA) where possible when setting up new accounts for home working.

You can also use Virtual Private Networks (VPNs) to let your employees access your systems remotely.

And you should make sure you communicate security risks to staff – for example, let them know why they should lock their devices, and encourage early reporting of theft and loss.

The NCSC has more on preparing your staff for home working.

5. Fake investment schemes and trading advice

The FCA reports that “sophisticated, opportunistic” scammers have been using the coronavirus pandemic to come up with scams involving pensions transfers and high-return investment opportunities (including investments in cryptoassets).

Scammers use many channels, including phone calls and social media advertising. They’ll almost always appear too good to be true.

How to protect yourself

The FCA lists a number of ways to protect yourself against these scams. Firstly, they say you should reject offers that come out of the blue, for example from firms you’ve never heard of or dealt with before.

They say you shouldn’t rush or be pressured into making a decision, or give out personal details. And you can check the FCA Register to see whether a firm you’re dealing with is authorised by the FCA (you can also check the FCA’s warning list to find out whether you’re dealing with scammers).

Have you come across any scams related to coronavirus? Let us know in the comments below.

Ready to set up your cover?

As one of the UK's biggest business insurance providers, we specialise in public liability insurance and protect more trades than anybody else. Why not take a look now and build a quick, tailored quote?

Start your quote

We create this content for general information purposes and it should not be taken as advice. Always take professional advice. Read our full disclaimer

Find this article useful? Spread the word.

Share on Facebook
Share on Twitter
Share on LinkedIn

People also liked

19 November 20202-minute read

Landlords could be targeted in new capital gains tax raid

Landlords could be hit by another massive tax raid, as the Office of Tax Simplification outlines its recommendations for an overhaul of…

Read more

Keep up to date with Simply Business. Subscribe to our monthly newsletter and follow us on social media.

Subscribe to our newsletter


Public liability insuranceBusiness insuranceLandlord insuranceTradesman insuranceCharity insuranceNot for profit insuranceRestaurant insuranceCommercial van insuranceInsurers


6th Floor99 Gresham StreetLondonEC2V 7NG

Sol House29 St Katherine's StreetNorthamptonNN1 2QZ

© Copyright 2022 Simply Business. All Rights Reserved. Simply Business is a trading name of Xbridge Limited which is authorised and regulated by the Financial Conduct Authority (Financial Services Registration No: 313348). Xbridge Limited (No: 3967717) has its registered office at 6th Floor, 99 Gresham Street, London, EC2V 7NG.