Do you know how to spot your vishing from your smishing to avoid being a victim of vaccine scams?

Covid-19 vaccination scams have sadly been in the headlines increasingly over the last few weeks. In December 2020, London's Metropolitan Police Force Cyber Crime Unit was made aware of three Covid vaccine scams, however officers believe the actual number that have taken place could be slightly higher and that people are not reporting these types of incidents to the police.


The three types of scams so far have been:


Vishing (Voice calls)

Individuals are being contacted by phone offering the vaccine for a fee or asking for bank details. They are also asked to press a number of their phone keypad or to send a text message to confirm that they wish to receive the vaccine. Doing so is likely to result in a charge being applied to their phone bill.


Smishing (SMS)

Potential victims receive a text message offering them the vaccine. They are prompted to follow a link that redirects them to a very convincing fake NHS website that requests personal/financial information.


Phishing (E-mail)

Phishing emails encouraging users to fill out a form to register for a vaccination. Perpetrators are typically hoping to extract personal information/user credentials.

To help keep the public aware, the Metropolitan Polices Cyber Crime Unit has also created a video showing what to look out for online to avoid becoming a victim of vaccine fraud.


The Met Police, the NCSC and the NHS have worked together and created a short, sharp video that takes 45 seconds to watch and provides really useful information on how to stay safe online and what the public can do to protect themselves from criminal behaviour.

Anyone who receives what they believe to be a vishing, smishing or phishing form of communication is asked to report it to the Police or to Action Fraud.


Phishing emails can also be forwarded to report@phishing.gov.uk and smishing texts to 7726.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

 

The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.