A very active phishing campaign is underway pretending to be from the UK's National Health Service (NHS), alerting recipients that they are eligible to receive the COVID-19 vaccine.
Today, numerous Twitter users began reporting that they received this phishing email, with some being in the right age group to be eligible and thus falling for the scam.
There are multiple variants of the phishing emails, but they all claim to be from the NHS at [email protected] (the real NHS domain is nhs.uk) and use mail subject similar to "IMPORTANT - Public Health Message| Decide whether if you want to be vaccinated."
The phishing email, shown below, asks the recipient if they want to accept or decline the invitation to schedule their COVID-19 vaccination.
UK NHS COVID-19 vaccination phishing email Source: Twitter
Regardless of the button selected, the recipient will be brought to a fake NHS site stating that they were chosen for the vaccination based on their medical history and genetics.
"The NHS is performing selections for coronavirus vaccination on the basis of family genetics and medical history. You have been selected to receive a coronavirus vaccination," the phishing landing page reads.
Phishing scam landing page
The recipient will again be asked to accept or reject the invitation, but regardless of the button entered, they are pushed through a series of pages asking for personal information. This information includes the person's name, mother's maiden name, address, mobile number, credit card information, and banking information.
Phishing page collecting information from the victim
Once this information is submitted, the phishing page will state that the application is confirmed a ..
Support the originator by clicking the read the rest link below.
