Festive frauds – don’t get caught out by cyber criminals

December 22, 2021

Technology has become a key part of our everyday life whether it is at work or at home. Fraudsters are increasingly using technology as a tool to commit fraud. Cyber fraud is now more prevalent than ever, with instances of data theft and compromised financial systems causing organisations significant losses and reputational damage.

One of the main area of risk is social engineering, where fraudsters deceive and manipulate to convince people to click on email attachments infected with malware, or click on links to a phishing site asking for confidential information. This form of risk relies heavily on a lack of individual awareness, rather than vulnerabilities in software and operating systems.

Recently, we have been made aware of a fraud attempt at an NHS body where an email has been received from the domain ‘@esrnhs.top’, purporting to be from the NHS ESR system. The email states that there is a problem with the individuals national insurance number, and requests that they log-in to update their personal information via a link provided within the email.

Actions required by colleagues:

1. Do not click on suspicious links within emails, and do not enter any personal information.
2. Report the email to the IT service desk.
3. Where emails purport to have been issued from within your organisation or include links, hover your mouse over the source email address or the link to view the originating email address and actual file path to verify they are genuine.
4. Be particularly wary if it requests personal or sensitive information.
5. Always use strong, unique passwords for all systems, and don’t share them with anyone.

If you are concerned an email may be suspicious, contact the IT Servicedesk on 0121 507 4050 for further support.