Scammers are trying to capitalize on hype surrounding the new Omicron COVID-19 variant by impersonating the UK National Health System with fake emails claiming to offer PCR tests ‘to avoid restrictions.’
The campaign, reported to Which? by a thoughtful ‘member of the public,’ seemingly only targets UK residents for now.
The email subject line reads “Apply now for Omicron PCR test to avoid restrictions,” which sounds like a classic scare-tactic employed by phishers.
Impersonating the NHS, it claims Omicron has forced the medical industry to come up with all-new PCR tests, “as the new variant appears dormant in the original test kits” (screenshot below, courtesy of Which?).
The text body is rife with spelling mistakes, missing spaces, fear-inducing claims – the lot. However, the message may trick the untrained eye, especially since it claims to come from [email protected] – which sounds legit enough to be convincing.
Those who fall into the net and press the “get it now” link are taken to a fake (but legit-looking) NHS website which tries to get your full name, date of birth, address, mobile number, email address and even your mother’s maiden name – all the data needed for identity theft later on.
And while the fake test itself might be free, delivery is not. Victims are asked to fork out £1.24 – an attempt not just to get their money but likely also to steal credit card information.
Don’t engage with unsolicited emails, text messages or phone calls that try to induce a sense of urgency and get you to act in one way or another. It’s a scare tactic used by phishers since the dawn of social engineering.
Use this guide to understand the many facets of phishing and how to defend yourself.
Any attempts to compromise your security should be reported to your local cybersecurity center. For Brits, that’s the NCSC at [email protected].