CSSC Updates

22 May 2020 

The CPNI have recently published a new behaviour change campaign on their public website;

 

https://www.cpni.gov.uk/covid-19-workplace-actions-0

 

The campaign is designed to help shape workplace behaviour as organisations prepare to unlock.  They created this campaign for their internal use, but believe that many organisations and businesses will have similar concerns and thought they would share it more widely.

 

The two documents, which are too large to be included as attachments, include a comprehensive set of PDF posters that can be selected and placed where appropriate to the size of the office space and shared spaces within. The other is a guide from the CPNI on the campaign.

 

Both documents can also be accessed on the CSSC website:    www.thecssc.com

18 May 2020 

Please find attached a NCTPHQ UK Protect Bulletin, a CPNI advice note re protecting pedestrian queues from vehicle as a weapon attack.

Head of National Business Engagement

National Counter Terrorism Policing HQ
New Scotland Yard, London, SW1A 2JL

Click Below to access the report

30 April 2020 

Please find attached an HM Government Counter Fraud Function – ‘Mandate Fraud’ guidance document issued.

Click Below to access the report

17 April 2020 

THURSDAY 16 APRIL 2020

 

CURRENT COVID-19 FRAUD RISKS

·       Mandate fraud

·       Courier fraud

·       Romance fraud

·       Online shopping fraud

·       Auction fraud

·       Insider fraud

·       Copycat fundraising pages (eg. using images/content from successful campaigns)

·       Data breaches associated with home working practices/security

·       Phishing emails (18.5% of all emails to CoLP phishing inbox are COVID-related)

·       Counterfeit cheques and mule bank accounts

·       Unsecure video conferencing websites

 

 

ANTICIPATED AND/OR EMERGING ISSUES

·       An increase in app and game-based malware could result in data leakage, premium text and call fraud and a rise in direct debit disputes.

·       COVID-19 phishing emails and telephone calls masquerading as the UK government or other trusted entities such as WHO, doctors surgeries and local authorities.

·       There are concerns about devices that would not be permitted in the workplace being used by employees working from home.

·       With call centres moving to home working there are concerns that organised crime groups could try to exploit this and apply for jobs in call centres to harvest data from the inside.

·       An increase in companies being established with COVID in their name might give rise to new fraud risks.

 

SOME SIMPLE PREVENTATIVE TIPS …

·       Use BACs payments (and not cheques) wherever possible.

·       Always report suspicious fundraising (donation) pages directly to the relevant platform so that they can be looked into. 

·       Read the online safer giving guidance created in collaboration with the Fraud Advisory Panel.

·       Use the following resources developed by TakeFive:

o   TakeFive business toolkit

o   Business advice webpage

o   COVID-19 advice webpage

 

Also see …

 

The Crown Prosecution Service (CPS) has issued interim guidance to manage the coronavirus pandemic on the courts setting out case prioritisation and the factors that prosecutors should consider. Available here.  

 

The Solicitors Regulation Authority have published an updated note on conducting anti-money laundering due diligence during the COVID-19 crisis and the useful checks that firms should be doing when we are not seeing clients face-to-face. Available here.

 

The Financial Conduct Authority and Prudential Regulation Authority (PRA) have issued guidance to regulated firms on furloughing staff in senior positions stating that the MLRO, CEO and Chair should only be furloughed in exceptional circumstances. Available here.

 COVID-19+Fraud+Watch+summary

 

 

09 April 2020 

NCSC Joint Advisory COVID-19 exploited by malicious cyber actors – 9 Apr 2020

Dear Industry Sector Leaders,

Please find attached a joint advisory from the United Kingdom’s National Cyber Security Centre (NCSC) and the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). 

This advisory provides information on exploitation by cyber criminal and advanced persistent threat (APT) groups of the current coronavirus disease 2019 (COVID-19) global pandemic. It includes a non-exhaustive list of indicators of compromise (IOCs) for detection as well as mitigation advice.

Joint+Advisory+COVID-19+exploited+by+malicious+cyber+actors+V1.pdf

 

06 April 2020 

Dear Industry Sector Leaders.

The CSSC has entered into a partnership with a very useful website set up by Philip Ingram MBE. Titled ‘The Covid Telegraph’.  This new site has accumulated facts, articles and advice in relation to the Covid 19 virus.

You have the freedom to share the details at your discretion, and where appropriate.

The link to the Telegraph is here: https://thecovidtelegraph.com

Philip welcomes further content and will publish, it if it meets the criteria of being from a recognised expert and verifiable source.

03 April 2020 

The College of Policing and National Police Chiefs Council have produced a briefing in relation to Covid-19, whilst aimed at policing, it would be of interest and benefit to business and provide some answers to questions around police powers, particularly in relation to restrictions on movement and gatherings.   This updated version is a result of the feedback you have been giving and fed back into policing.      

 

https://www.college.police.uk/Documents/COVID-19-Police-brief-in-response-to-Coronavirus-Government-Legislation.pdf

 

02 April 2020 

CPNI have produced high level guidance on good personnel security practices during the impact of a national/global pandemic, such as the COVID-19 virus, where usual security practices are either suspended or changed to reflect different working patterns, either on a temporary or permanent basis.

For specific guidance on the COVID-19 pandemic please visit: https://www.gov.uk/coronavirus