A viral scam purportedly from the NHS is being sent to people in the UK with the intention of collecting bank information.
The fraudulent text reads: “NHS: We have identified that your [sic] eligible to apple for your vaccine. For more information and to apply, follow here”.
It then sends receipients to a link that asks them for their sort code, account number, and the long card number in order to “prove ownership of address”, something that legitimate NHS texts would not do.
Despite not coming from the NHS, the text mimics official websites with the NHS logo at the top and similar menu and search icons on the right hand side.
However, the NHS web page has a lock icon next to its URL. This means that the website uses HTTPS, which requires a security certificate. These certificates are only issued once the site owner’s identity has be validated.
The fake NHS website, and many other scam websites, does not have this lock. Users, especially vulnerable older people, should look out for this clue as to whether a website is legitimate or not, and never hand over personal information unless they are absolutely sure the website is valid.
The BBC reports that the scam website in question has already been taken down, but that does not mean that similar websites may not exist.
“If you receive a text or email that asks you to click on a link or for you to provide information, such as your name, credit card or bank details, it’s a scam,” Derbyshire Police advise.
The best advice is to remain suspicious and be wary of anything that arrives in your inbox or chat apps if you are not expecting it, or comes from source you do not recognise.