Security News > 2021 > January > Beware of this active UK NHS COVID-19 vaccination phishing attack
A very active phishing campaign is underway pretending to be from the UK's National Health Service, alerting recipients that they are eligible to receive the COVID-19 vaccine.
The phishing email, shown below, asks the recipient if they want to accept or decline the invitation to schedule their COVID-19 vaccination.
Regardless of the button selected, the recipient will be brought to a fake NHS site stating that they were chosen for the vaccination based on their medical history and genetics.
"The NHS is performing selections for coronavirus vaccination on the basis of family genetics and medical history. You have been selected to receive a coronavirus vaccination," the phishing landing page reads.
To help people spot NHS COVID-19 phishing scams, the NHS tweeted today that the vaccine is free of charge and that they will never ask for bank account info or copies of personal identification documents.
The NHS has created a webpage explaining how people will be contacted to receive the COVID-19 vaccination and spot a scam.
News URL
Related news
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- 1.1 Million UK NHS Employee Records Exposed From Microsoft Power Pages Misconfiguration (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- Ransom gang claims attack on NHS Alder Hey Children's Hospital (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)