Covid scammers cash in

Covid scammers cash in

November 16, 2021

Covid scammers cash in as they exploit pandemic with fake vaccine passport emails and texts

  • Millions of Britons have been targeted by Covid passport scams
  • Some received emails which looked like they were from their GP inviting them to claim Covid passport 
  • Others had texts telling them to click a link to buy a Covid passport  

Millions of Britons have been targeted by Covid passport scams to con them into making payments or handing over private data.

Some have received emails which looked like they were from their GP practice inviting them to claim a Covid passport, while others have had texts telling them to click a link to buy one.

‘One of the reasons these scams are so effective is because of the mass confusion over what a Covid pass or passport is, how you get one, where you get it from and which variations you need for different things,’ said consumer expert Martyn James.

The official pass – which shows someone has been fully vaccinated – is free of charge and is required to attend certain events, such as gigs or sports matches, or to travel abroad.

But fraudsters are exploiting a lack of clear messages from health officials and the Government over whether people need Covid passports and how they work.

Some have received emails which looked like they were from their GP practice inviting them to claim a Covid passport, while others have had texts telling them to click a link to buy one (stock image)

Scams related to Covid passports are now rising sharply.

Action Fraud said reports of this type of scam doubled from around 200 per month in July and August to 400 per month in September and October.

It is thought thousands more people will have been conned as only a small minority of victims report scams.

In total, about 12million Britons – one in five – have received scam emails about a vaccine passport which appeared to be from the NHS or other official health organisation, a survey by online security firm Tessian found.

The firm’s threat intelligence researcher Charles Brook said: ‘Criminals are capitalising on the uncertainty surrounding vaccination certificates to dupe people into sharing login credentials and personal or financial information.’

Security researcher David Emm, of cybersecurity firm Kaspersky, said criminals were ‘exploiting the disruption’ caused by the pandemic.

He added: ‘We have seen there has been an increase in COVID-19 scam emails in the style of NHS websites. These fake websites trick people into opening malicious links or attachments and downloading malware.’

Action Fraud said reports of this type of scam doubled from around 200 per month in July and August to 400 per month in September and October (stock image)

In one recent scam, patients were sent emails which looked like they were from Patient Access – the online booking service used by most GP practices.

The emails invited them to claim their digital or hard copy of their ‘NHS Covid-19 Passport’ by clicking a link, which took them to a page just like the real NHS website.

Whether they then rejected or accepted the invitation, they had to enter details, including their name, address, date of birth, mother’s maiden name and mobile phone number.

They were then asked to enter their card details, including their CVV security code, and provide their bank account number and sort code.

With all these details, criminals can use victims’ cards, access their bank accounts and clone their identities to commit more fraud like opening accounts in their name.

In another similar scam targeting victims this week, people received a text with a link which took them to a convincing copy of the NHS website. It asked them to make a small payment of around £4.99 for the passport.

Consumer expert Martyn James (pictured) said: ‘If they have your details, a fraudster simply enters it into every website they can think of, from shops to payment systems’

Criminals not only take this money but can also use the card details to make other fraudulent payments.

Mr James added: ‘If they have your details, a fraudster simply enters it into every website they can think of, from shops to payment systems. If they get in, they change your address and max out your card or bank account through purchases or transfers. But this kind of data is also used for identity theft and can be traded with other fraudsters – or be used to create a fake ‘virtual you’ to apply for loans or open accounts.

‘What’s particularly appalling is these scams work by tapping in to the things in the back of our minds that we are worried about or sometimes scared of. This makes us more likely to click and submit before we’ve thought about what it is we’re doing.’

A Patient Access spokesperson said: ‘We are aware of these emails and we would like to reassure our users that their personal information and their Patient Access accounts are secure.’

They advised patients to log in via the app or to type in www.patientaccess.com to ensure messages are genuine.

The Department for Health and Social Care has published warning posters about the rise in Covid Pass scams.

The official NHS Covid Pass is free and a digital or paper version is available through the NHS App, official NHS website or by calling 119.

A spokesperson said: ‘Criminals are using the NHS COVID Pass as a way to target the public by convincing them to hand over money, financial details and personal information. The NHS App is free. The NHS COVID Pass is free. The NHS will never ask for payment or any financial details.’

Source: Read Full Article