/ Scams

Warning: new fake NHS COVID Pass emails and texts

Scammers are hoping to cash in on any confusion around the end of pandemic restrictions – watch out for these fake emails and texts.

08/11/21: Fake texts continue

We’ve been made aware of new fake text messages relating to Covid Passes – this example tells the recipient that theirs is ‘ready to be processed by our team’.

As with other examples we’ve seen, the message attempts to get you to click through on a suspicious link that’s posing as the NHS via a sub domain.

Fortunately this site now appears to have been removed by the host, however it’s an opportunity to remind everyone to be aware of these fake text messages and the tactics they employ. Our advice for spotting and avoiding them can be found below.

08/07/21: Covid Pass scams

The NHS Covid Pass was recently launched so people can show their Covid vaccine or test status, which might be needed to travel and gain entry to some events.

Vaccine passes are completely free. You can download a digital version using the NHS app, or ask for a physical copy to be posted to you.

But fraudsters have been sending out fake NHS branded emails, falsely inviting people to apply – and pay – for a pass. We’ve also seen fake text messages along the same lines. These texts can be especially convincing as the NHS does contact patients using text messages.

Examples of fake NHS Covid Pass messages

Here’s one of the phishing emails we’ve seen:

And here’s a text message that links to a copycat NHS site that aims to steal victims’ personal and banking details:

We know that scammers used similar tactics when the vaccine became available. The NHS Counter Fraud Authority (NHSCFA), which works to fight and prevent fraud affecting the NHS, told us:

Criminals are using the Covid-19 vaccines as a way to target the public by tricking them to hand
over cash or financial details. They are sending convincing-looking text messages letting people
know they are eligible for the vaccine or phoning people directly pretending to be from the NHS, or
local pharmacy.

The NHSCFA have put together guidance and advice to help anyone who may be a
target of these kinds of scams – Covid-19 vaccine fraud (cfa.nhs.uk)

NHS Covid passes are free of charge and can be obtained through the NHS website and app.
Instructions on how to get one are detailed here.

If you believe you are the victim of a fraud relating to the COVID-19 vaccine, please do not report
this to the NHSCFA. Please report it to Action Fraud, forward any suspicious emails to
report@phishing.gov.uk, and forward suspicious texts to 7726.

How to deal with NHS-related phishing

The best way to avoid text message scams is to never follow the links in texts that claim to be from organisations or companies.

Experience: “How I almost fell for the fake vaccine text”

If you get a text purporting to be from the NHS that you’re not sure about, check the details with your GP surgery or NHS service.

Guide: how to spot a text message scam

Guide: how to get your money back after a scam

Phishing emails should be reported to the National Cyber Security Centre on report@phishing.gov.uk

Fake texts (smishing) can be forwarded to 7726 (spells SPAM on the keyboard).

Have you been targeted by these fake NHS messages or similar? Let us know what happened in the comments, and help us spread the word by sharing these warnings with your friends and family.

Comments
MRS JOYCE BOLDERO says:
22 January 2022

Fake text message received today – 22/01/2022 from – +447306592139 – asking us to PAY

Please report this message as suggested in the introduction, Joyce. Just forward it to 7726.