There has been a sudden increase in the number of phishing emails being sent out in an attempt to cash in on the anxiety and confusion regarding the new Omicron Covid variant. The emails shown below attempt to impersonate the NHS and offer the recipient ‘free Omicron PCR today to avoid restrictions’.
The emails are sent from ‘NHS’ or ‘NHS Customer Service’ using the email address contact-nhs @ nhscontact.com and while it may seem authentic, it is not an email address related to the NHS and is being used to trick people into believing they are receiving genuine communication from the NHS.
The emails falsely claim that the new Omicron variant requires new kinds of PCR test kits, and invites the recipient to visit the site below, which takes the user to a fake website (healt-service-nh.com), which again has been designed to spoof the NHS website.
Upon visiting the website, shown below it immediately asks the user to input their full name, date of birth, mobile number and email address – all of which could potentially be used for further scams or even identity fraud.
It also asks for a payment for the delivery of the test kits, even though the NHS offer test kits to be delivered for free and asks the user to provide the users’ mother’s maiden name, which is a commonly used security question for many different services and logins.
If you receive an unsolicited email like the examples shown above, it is advised that you do not follow any of the links provided on the emails and you forward the phishing email to the National Cyber Security Centre at firstname.lastname@example.org and then block the sender.
Please get touch with one of the team if you have any further questions about this threat.