At Ipswich Building Society we want to help our members to keep their money safe and protect them from scams. As such we will publish regular blogs on our website advising of the latest scams and top tips to look out for.
Covid Vaccine Passport scam
There is a Covid Vaccine Passport scam email going around that purports to be from the NHS and informs recipients that they can apply for their “Digital Coronavirus Passports”.
Clicking on the link within the email, takes you to a convincing but fake NHS website that asks for personal and payment details. (for an admin fee). The website has since been taken down, but similar emails/websites may appear.
Your vaccination status is obtained FREE through the NHS App, website or by calling the NHS on 119.
More information can be found on the gov.uk website;
Fake emails often (but not always) display some of the following characteristics:
- The sender’s email address doesn’t tally with the trusted organisation’s website address.
- The email is sent from a completely different address or a free web mail address.
- The email does not use your proper name but uses a non-specific greeting like “dear customer”.
- A sense of urgency; for example, the threat that unless you act immediately your account may be closed.
- A prominent website link. These can be forged or seem very similar to the proper address, but even a single character’s difference means a different website.
- A request for personal information such as username, password or bank details.
- The email contains spelling and grammatical errors.
- You weren't expecting to get an email from the company that appears to have sent it.
- The entire text of the email is contained within an image rather than the usual text format.
- The image contains an embedded hyperlink to a bogus site.
What should you do if you’ve received a scam email?
- Do not click on any links in the scam email.
- Do not reply to the email or contact the senders in any way.
- If you have clicked on a link in the email, do not supply any information on the website that may open.
- Do not open any attachments that arrive with the email.
If you think you may have compromised the safety of your bank details and/or have lost money due to fraudulent misuse of your cards, you should immediately contact your bank.
If you think you may have been the victim of fraud or cybercrime and incurred a financial loss or have been hacked as a result of responding to a phishing message, you should report this to Action Fraud.
Have you spotted a suspicious email?
- If you have received an email which you’re not quite sure about, forward it to the Suspicious Email Reporting Service (SERS): firstname.lastname@example.org
- The message might be from a company you don’t normally receive communications from, or someone you do not know. You may just have a hunch. If you are suspicious, you should report it.
- Your report of a phishing email will help protect many more people from being affected.
- The National Cyber Security Centre (NCSC) will analyse the suspect email and any websites it links to. They'll use any additional information you’ve provided to look for and monitor suspicious activity.
- If they discover activity that they believe is malicious, they may:
- seek to block the address the email came from, so it can no longer send emails
- work with hosting companies to remove links to malicious websites
- raise awareness of commonly reported suspicious emails and methods used (via partners)
We have recently added a fraud section to our website here, this includes a handy guide on all things scam awareness.