A new wave of phishing during COVID-19

Thursday, April 16, 2020
A new wave of phishing during COVID-19

You’ve probably already received a text message from the government advising you to stay home and linking to the gov.uk website for more information. Many of us would visit that link without a second thought, just to find out more. But some cybercriminals are taking advantage of our concerns to catch us unaware.

One recent example is a text message prompting users to claim a sum of money for ‘COVID-19 relief’. This was a ‘smishing’ scam (a phishing attack carried out via SMS text message). It was designed to harvest bank card details by mimicking real gov.uk messages and the gov.uk website.

The illustrations below show the scam and genuine messages side by side.

So how you can you tell a genuine message from a scam?

Obviously, scam messages are designed to look as genuine as possible. However, there are a few tell-tale signs to look out for.

Suspicious Sender Names

Firstly, the sender’s name may not seem quite right. For example, a government message coming from an account called ‘COVID 19’ seems strange.

If you receive a ‘public information’ message that isn’t from ‘UK_Gov’, or a ‘health information’ message that isn’t from ‘NHSNoReply’, that’s a definite warning sign.

Suspicious website/email addresses

Scammers may actually be able to fake a plausible account name (like ‘UK_Gov’). But government and NHS web and email addresses are much harder to imitate.

Look closely at the address of the website you’re being directed to. If it doesn’t contain gov.uk/ for a government site, or nhs.uk/ for an NHS site, that’s a big clue that you are probably being directed to a malicious website.

Similarly, if you receive a supposed government or NHS email from an address that doesn’t end with gov.uk or nhs.uk, that’s another red flag.

Suspicious websites

If the web address doesn’t put you off, the website itself may also give you clues. For example, if we were to click the link in the scam message above, we’d find a website that, at first glance, looks exactly like the normal gov.uk one. However, when we look closer, we can see more danger signs:

We’re supposed to be at the gov.uk site – but the web address says uk-covid-19-relieve.com. Additionally, your browser may display a warning about reportedly dangerous sites, as seen next to the web address above.

Suspicious attachments

You may receive an email with a file(s) attached, which the message tells you to download and fill in or review. Don’t! These files will usually contain some kind of program designed to infect your computer or device.

There are many types of attachment that can cause harm, but common ones to watch out for include Word, Excel and PowerPoint documents, and ‘.zip’ files.

It’s very unlikely that the government or the NHS will send you an unprompted email with attachments.

Spelling and grammar errors

Finally, while we all make mistakes, scammers will often make multiple mistakes throughout their messages. In both the text message and website above, we see they’ve misspelt ‘relief’ as ‘relieve’ throughout. This is another red flag.

How to avoid being phished

To sum up, here are the key steps to take with each email or text message to steer clear of phishing and smishing scams:

  • Check the sender name or email address. Does it look right?
  • Check link addresses. Do they go to the organisation’s proper website address?
  • Beware of email attachments. Would you expect to receive an attachment from this organisation? Does it look suspicious?
  • Check the spelling and grammar. Are there lots of mistakes? Is the message too formal/informal?


If you’re suspicious but still unsure, find the contact details of the organisation or department independently, using a well-known search engine such as Google or Bing, and contact them via those details instead. That way, you can be more confident that you’re speaking to the real organisation/department.

Want to test your staff’s awareness of phishing scams? Call us to discuss arranging a phishing test exercise. You can gain insight into your team’s susceptibility to phishing, and improve their ability to spot a phishing scam before it’s too late.

Alternatively, if you have any questions or concerns regarding IT security in general please get in contact and one of our team members will be happy to talk to you.

Please call us on 01603 431200 or email solutions@computerservicecentre.com


Share this article:

Manage Cookies