Alert: IT and email scams
July 20, 2020
We are continuing to see an increase in scams exploiting remote working arrangements and urgent need for goods and services as a result of COVID-19.
Fake emails often (but not always) display some of the following characteristics:
- The email contains spelling and grammatical errors.
- The sender’s email address doesn’t tally with the trusted organisation’s website address.
- The email does not use your proper name, but uses a non-specific greeting like “Dear customer”, “Hi friend”
- A sense of urgency; for example the threat that unless you act immediately your account may be closed or patient safety may be compromised.
- A prominent website link. These can be forged or seem very similar to the proper address of the known company, but even a single character difference means a different website.
- A request for personal information such as username, password or bank details.
- You weren’t expecting to get an email from the company that appears to have sent it.
- The entire text of the email is contained within an image rather than the usual text format.
- The image contains an embedded hyperlink which if clicked would divert to a bogus site.
What should you do if you have received a scam email?
- Exercise caution when dealing with any unsolicited emails.
- Check the sender’s email domain by hovering your mouse over the sender’s name.
- Do not click on any links in the scam email.
- Do not reply to the email or contact the senders in any way.
- Do not open any attachments or download content or images if you are prompted to do so.
- Permanently delete the email.
- Report any concerns to IT security and/or your Local Counter Fraud Specialist team.
For more information please see IT scams information sheet.