New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Phishing Campaign Uses Omicron Variant to Target Victims

The United Kingdom’s consumer protection organization ‘Which?’ published two samples of new phishing emails pretending to be from the United Kingdom’s National Health Service (NHS) warning about the new Omicron variant. The emails offer the recipient a free PCR test that will allegedly allow them to avoid restrictions. To add trust in the emails, the malicious address used for distributing these emails is ‘[email protected]’. If the link in the email is clicked, the victim is taken to a fake NHS website where the recipient is instructed to enter their full name, date of birth, home address, mobile phone number, and email address. The victim is also required to pay £1.24 ($1.65), which is supposed to cover the delivery cost of the test results. Threat actors are using these payments to steal payment details from the victim.

Analyst Notes

Threat actors are constantly evolving their attacks and using the latest news to design campaigns that appear to be legitimate and prey on the victims’ emotions. In this case, they are using the new COVID variant. These attacks have been targeting the UK, but it is very possible and likely that similar attacks will be seen in the US. Proper training is required to teach employees how to spot phishing emails. If someone believes they have fallen victim to this scam they should cancel the payment method that they used immediately.