COVID-19 Omicron Phishing Scam Targets UK Residents Offering Free NHS Omicron PCR Test

A COVID-19 Omicron phishing campaign has been detected that spoofs the UK’s National Health Service and attempts to get individuals to disclose sensitive personally identifiable information and financial details.

The campaign takes advantage of fear about the new Omicron variant of the coronavirus, which could potentially be more transmissible than other SARS-CoV-2 variants and make current vaccines less effective. Scientists around the world are very concerned about this new SARS-CoV-2 variant and detected cases are rising fast, with many scientists predicting Omicron will become the dominant variant worldwide in just a few weeks.

Throughout the pandemic, scammers have taken advantage of fear about the SARS-CoV-2 virus and COVID-19 to trick people into disclosing sensitive information or installing malware. The new variant presents another ideal opportunity for conducting phishing attacks.

The latest campaign targets PII, requesting the victim’s full name, address, telephone numbers, date of birth, and email address under the guise of an application for a free Omicron COVID-19 test from the UK National Health Service (NHS). Which? recently raised the alarm about the scam.


Omicron Phishing Scam Emails. Source: Which?

The emails are sent from contact-nhs[@]nhscontact.com and could be viewed as legitimate, especially since the NHS logo and color scheme are used. The emails advise recipients that they should apply for the free Omicron PCR tests today to avoid restrictions such as a 10-day isolation.

The emails contain a clickable box that directs the user to a website that mimics the NHS patient portal and requests sensitive information. If the user visits the website, they are told that they must enter “a few personal details” and that any information provided will be treated “in accordance with data protection law, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act (DPA) 2018.”

The NHS provides free healthcare, including lateral flow tests for home use and PCR tests, but the scammers claim that in order to send the tests the user must pay the £1.24 postage fee. To take that payment, users are required to provide financial information and their mother’s maiden name. Naturally, the scammers are not interested in £1.24 payments. The PII provided along with financial account information will give the scammers all they need to defraud victims.

To avoid becoming a victim of a phishing scam, it is important to stop and think about any email or text message and to consider carefully before responding. Any text message with a hyperlink should be treated as suspicious and the link should not be clicked. Visit the official website of any company/organization referenced in the message to verify the authenticity of the communication. Always check the destination URL in any email and verify that it is an official domain used by that company/organization.
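The destination-URL check described above can be automated in a mail filter or triage script. The following is an added example, not code from the original article or from the NHS; the allowlist containing nhs.uk and the `.example` link hosts in the sample message are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains the organisation really uses; confirm before relying on it.
OFFICIAL_DOMAINS = {"nhs.uk"}

def is_official(host):
    """True only if host equals an official domain or is a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)

class _Links(HTMLParser):
    """Collects the href of every <a> tag in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def check_message(raw):
    """Return (sender_ok, [(url, ok), ...]) for a single-part HTML message."""
    msg = message_from_string(raw)
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    parser = _Links()
    parser.feed(msg.get_payload())
    # Compare the parsed hostname, never a substring of the URL: the second
    # and third sample links contain "nhs.uk" but resolve to other hosts.
    links = [(u, is_official(urlsplit(u).hostname)) for u in parser.hrefs]
    return is_official(sender_host), links

# Constructed sample: sender address from the article, link hosts invented.
SAMPLE = """From: NHS <contact-nhs@nhscontact.com>
Subject: Get your free Omicron PCR test
Content-Type: text/html

<a href="https://www.nhs.uk/conditions/">About</a>
<a href="https://nhs.uk.omicron-test.example/apply">Apply now</a>
<a href="https://www.nhs.uk@login.example/apply">Apply now</a>
"""

if __name__ == "__main__":
    sender_ok, links = check_message(SAMPLE)
    print("sender on official domain:", sender_ok)
    for url, ok in links:
        print("OK  " if ok else "FLAG", url)
```

Only the first link passes. The sender domain is flagged as well, because containing the string "nhs" does not make nhscontact.com a subdomain of nhs.uk.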

If you receive a phishing email, make sure it is reported as this will help to prevent others from falling victim to the scam. Phishing emails can be reported by forwarding the messages to [email protected] and text messages should be forwarded to 7726.

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of NetSec.news