Cyber fraud is the new focus of the NHS Fraud Reference Guide, building on the existing information on different types of fraud which is tailored for the NHS and wider health sector.

The expanded NHS Fraud Reference Guide aims to provide a cyber fraud awareness resource for NHS organisations to help them protect themselves from the threat of cyber fraud. The content will also assist Local Counter Fraud Specialists in informing and educating NHS people on this topic.

Within the introduction, the difference between the cyber offences are highlighted and we have included a glossary of common cybercrime terms and associated definitions. The key cyber threats are set out within a number of sections, which include social engineering, passwords, payment diversion fraud, and malware.

The project complements a drive across government to encourage organisations to refine their understanding of the threat from cyber fraud and provide advice to assist the public in staying safe online.

Criminals continue to target members of the public by sending emails and messages purporting to be from government agencies including the NHS, as we recently highlighted in relation to COVID-19 vaccine fraud.

With this in mind, we also tailored our cyber fraud awareness resource to support all NHS staff and the public on how to protect themselves from cyber fraudsters and stay safe online. There are a number of useful resources including links to the National Cyber Security Centre Cyber Aware webpage and NHS Digital’s Cyber Security Operations Centre – Effective cyber security

We have also developed our first ever cyber fraud quiz, a product which is available to all NHS organisations, NHS staff and the public who can test their knowledge of the cyber fraud content within the NHS Fraud Reference Guide.

There are a number of reporting channels depending on which specific incident has occurred and these are documented within the reporting section.

This project was led by the NHSCFA’s Fraud Prevention Unit working together with colleagues both internally and externally including our Intelligence, Organisational Development and Digital teams as well as NHS Digital and the Police Digital Security Centre.