How to avoid the fake vaccine fraudsters
In his latest guest blog, Dorset Police cyber crime protect and prevention officer Chris Conroy provides advice about how to avoid criminals who have been exploiting the vaccine roll-out.
It’s hard to believe that COVID-19 has been part of our lives for a whole year now. It was late in January 2020 that the UK recorded its first case, and few could ever have imagined what was to follow.
And now, here we are. One year and three national lockdowns later, waiting for the day we can see our friends and family again and forgetting what it’s like to do the things we once took for granted.
Amongst all the turmoil of the last year, there was at least one thing that has remained constant – the unscrupulous nature of cyber criminality. Throughout the pandemic, Dorset Police have warned of scams – fake PPE, fraudulent COVID maps, and Track and Trace scams to name just a few.
Now, as the UK embarks on the mammoth task of vaccinating millions of people, fraudsters are finding ways to use the rollout to their advantage. The vaccines have promised us a light at the end of the tunnel, something to be truly excited about. This is a perfect set-up for scammers.
There’s often a theme when it comes to a scam. Be it an email, a text message, or a face to face exchange, a fraudster will usually try to exploit human emotion. They are experts at creating a sense of urgency, finding a way to short circuit our rational thought, and getting us to act against our better judgement.
The prospect of a COVID vaccine is undoubtedly emotive, so scammers have jumped at the opportunity, sending fraudulent emails about the rollout. These emails vary, with some asking for sensitive personal information, and others asking recipients to pay for their vaccine.
This has led to the NHS providing guidance on what to expect when you are contacted to receive your vaccine.
What to expect:
- A letter – Those who are invited to a larger vaccination centre or pharmacy will receive notification in the form of a letter.
- An SMS or email – Those who are invited to a local centre, such as a hospital or GP surgery, will usually receive a text message or email. In some cases, however, you may receive a letter or a phone call from your GP surgery.
What to look out for:
There is no charge for the COVID vaccine, which is available for free through the NHS. The NHS will never ask for:
- Bank account, card or other payment details.
- Banking passwords or PINs
- Copies of personal documents to prove your identity, such as your passport, driver's licence, bills or pay slips.
If you receive a letter but do not book an appointment, you may receive a phone call from the NHS Immunisation Management Service.
- This call will come from 0300 561 0240.
- This call will be a reminder to book your appointment.
- The caller will see if you need any help or support but will not book an appointment over the phone.
These tips will go a long way towards helping you avoid falling victim to a COVID vaccine scam but, it you’re not sure if the email you receive is genuine, there are a few things you can do to check.
How to check
Firstly, check the sender’s details. At the top of the email, you might see the sender’s name or an email address.
There is usually the option to expand this section, which we recommend doing. Check any email addresses in that section, keeping an eye out for misspellings. Criminals are crafty and will often swap letters for ones that look alike. For example, a capital I looks a lot like a lower-case L.
Secondly, if there’s a link or a button to click, you can check its true destination before you do so. If you’re using a phone or tablet, you can hold (don’t tap) your finger on a link or button. If you’re using a computer, you can hover your cursor over the button without clicking. This will cause the true destination to appear either in a box or at the bottom of your browser.
If these checks give you cause for concern, it’s best to err on the side of caution and assume something isn’t right. After all, if you receive a genuine email and don’t respond, the NHS will call, as detailed above.
If you are suspicious
If you receive what you believe to be a fraudulent email, be sure to report it. Doing so can help keep other people safe. Simply forward any suspicious emails to email@example.com. The automated system will do the rest and if it is deemed to be dodgy, the service will take steps to have the site removed.
If you are unfortunate enough to fall for a scam of this nature, please make sure you report it to Action Fraud.
As ever, if you have any questions about cyber safety, please feel free to email us at firstname.lastname@example.org.
It’s been a tough year and whist it might be hard to see that light at the end of the tunnel, it is there. If you’re struggling, remember there is always someone to speak to. Organisations like Citizens Advice and Samaritans are helping people with financial and mental health concerns. We’ll get through this.
Until next time, stay safe out there, and please keep following the guidance.