Recent reports reveal a new COVID-19 related phishing scam targeting vaccine eligible people in the UK. Emails claim to be from the NHS and falsely appear to come from the email address noreply[@]nhs.gov.uk while the legitimate NHS domain is nhs.uk. The subject contains lines that let the recipient know they’re eligible to be vaccinated. Recipients are asked to make a decision about being vaccinated, and regardless of their selection, they are brought to a fake domain that again asks them to make a decision. Similar to the email, regardless of the user’s decision they are then asked to input personal information such as name, mother’s maiden name, address, mobile number, credit card information, and banking information. If all these steps are completed, the browser refreshes to the legitimate NHS webpage. The NHS has made it clear that they will never ask for payment information and that the vaccine will be given free of charge to eligible candidates.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased