Security News > 2021 > January > Beware of this active UK NHS COVID-19 vaccination phishing attack

A very active phishing campaign is underway pretending to be from the UK's National Health Service, alerting recipients that they are eligible to receive the COVID-19 vaccine.
The phishing email, shown below, asks the recipient if they want to accept or decline the invitation to schedule their COVID-19 vaccination.
Regardless of the button selected, the recipient will be brought to a fake NHS site stating that they were chosen for the vaccination based on their medical history and genetics.
"The NHS is performing selections for coronavirus vaccination on the basis of family genetics and medical history. You have been selected to receive a coronavirus vaccination," the phishing landing page reads.
To help people spot NHS COVID-19 phishing scams, the NHS tweeted today that the vaccine is free of charge and that they will never ask for bank account info or copies of personal identification documents.
The NHS has created a webpage explaining how people will be contacted to receive the COVID-19 vaccination and spot a scam.
News URL
Related news
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)