From the UK comes the news of new phishing campaigns in the wake of the Omicron variant. As soon as the potential greater spread of the SARS-COV-2 virus thanks to one of its mutations became known, scammers set out to carry out well-organized phishing attempts. At the expense of ordinary citizens who allow themselves to be convinced of the goodness of "brand new PCR tests" offered free of charge. In fact, worried about the possible health risks due to the uncertainty of information on the Omicron variant, they are easily deceived.
Phishing campaigns underway in the UK
To report the evolution of attacks in British countries is “Which?”, One of the consumer protection services that warns about possible fraudulent risks that can be incurred. The article contains excerpts of e-mails and the fake website where you can enter your personal data.
The attackers have started from the great confusion of the last few days following the announcement of the presence of a new variant of the SARS-COV-2 virus. Precisely the lack of precise information about the transmissibility and effectiveness of vaccines against this mutation were exploited for the phishing campaign. The e-mails, coming from the National Health Service (NHS in the UK), propose to carry out free of charge the new PCR tests capable of detecting the presence of the Omicron variant. In addition, there is mention of the inability of the tests on the market to identify the presence of the virus, generating a greater sense of anxiety and concern in uninformed users.
What happens to users who believe in the initiative
If the victim "bites" the phishing e-mail and decides to click on the only link present, he will be redirected to a portal that emulates one of the various sites of the Health Service. Here he will have the opportunity to provide attackers with a series of personal information such as name, surname, date of birth, address, telephone number and e-mail. In this way, full-blown identity theft can be consumed.
In addition, considering the free test, you will be asked to pay a small sum, equal to 1.24 pounds for the "delivery" operations. The attackers also try all and all, asking for the name of their maiden mother, so that they can recycle the information in possible subsequent attacks. In fact, information like this is typically used as an emergency access to verify one's identity in payment systems and beyond.
How to protect ourselves from these types of attacks
The UK consumer protection service has outlined a number of tips to follow to protect yourself from attacks like this one. It also encourages you to promptly report attacks and send email texts to appropriate state departments.
The strategy is always to capture the unfortunate by acting on our most emotional sphere, through emotions such as anxiety, worry, haste or fatigue. These are all aspects that make us more vulnerable and diminish our clarity in the face of facts like this. In reality, a number of problems would probably have come to the attention of a closer eye. The presence of grammatical errors, the address of origin of the email not authentic, as well as the URL to which the bogus portal was pointing. All alarm bells that should have protected us from falling into the trap of scammers.
Therefore, our recommendations always remain to carefully evaluate e-mails that we do not expect to receive and whose content is doubtful. In these circumstances, it is better to wait rather to bite the requests, if the communication is urgent, we will certainly be contacted.
The article New Phishing Attempts: Omicron Variant Campaigns Coming Comes from Tech CuE | Close-up Engineering .