How to spot phishing scams

We’re issuing some advice about how to stay safe online during the current pandemic.

Phishing is a method used by fraudsters to access valuable personal details, such as usernames and passwords.

These can have a monetary value to criminals. Phishing can also involve sending malicious attachments or website links in an effort to infect computers or mobile devices.

Fraudsters may use a variety of tactics to target people and they are known to exploit certain information in a bid to appear authentic.

For example, Action Fraud has recently received over a thousand reports of coronavirus-themed phishing attempts.

Detailed below are some known tactics that have been used in phishing emails related to coronavirus:

• Purporting to be from the Centre for Disease Control and Prevention (CDC) and World Health Organisation (WHO) and offering to provide a list of active infections in specific areas. Corrupt links will take victims to a credential-stealing page or makes involuntary payments into a Bitcoin
• Publishing misleading articles about the virus outbreak with a link to a fake company website where victims are encouraged to click to subscribe to a daily newsletter for further
• Sending investment and trading advice to take advantage of the coronavirus

Below is an example email, that was received by an organisation in Derbyshire recently.

“I am Mrs X and I know my message will come to you as a surprise but don’t be because I need your help in the disbursement of my family last  funds ($9,200,000.00 USD) my husband last wish. And as a victim of Corona-Virus(Covid-19 Virus) I am sending you this mail from my hospital bed. Please do contact my lawyer for more information. Barrister Mr Z Email: ([email protected])”

As you will see from this example, there are some commonalities of phishing emails which can give clues about whether or not they are authentic. These include:

• Many phishing emails have poor grammar, punctuation and
• Poor design and overall
• Is it addressed to you by name, or does it refer to 'valued customer', or 'friend', or 'colleague'? Are the latter generic ones, the scammer?
• Asking you to act urgently? Be suspicious of words like 'send these details within 24 hours' or 'you have been a victim of crime, click here immediately'.
• Does the sender sound legitimate? Or trying to mimic someone?
• Sound too good to be true? It probably is. It's most unlikely that someone will want to give you money, or give you access to a secret part of the
• Your bank, or any other official source, should never ask you to supply personal information from an
• If unsure, check any claims made in the email through some other

What to do if you've already clicked

If you've already clicked a link (or entered your details into a website), take the following steps:

• If you're using a work laptop or phone, contact your IT department and let them know. 
• If you’ve been tricked into providing your banking details, contact your bank and let them know.
• If you think your account has already been hacked (you may have received messages sent from your account that you don't recognise, or you may have been locked out of your account), refer to our guidance on recovering a hacked account.
• Open your antivirus (AV) software if you have it, and run a full scan. Allow your antivirus software to clean up any problems it finds. 
• If you've provided your password, change the passwords on all your accounts that use the same one.
• If you've lost money, tell your bank and report it as a crime to Action Fraud, the UK's reporting centre for cyber crime. By doing this, you'll be helping the NCSC to reduce criminal activity, and in the process prevent others becoming victims of cyber crime.

For more advice about staying safe online in Derbyshire you can contact Derbyshire Constabulary’s Cyber Protect Officer, Jodie Nevin on Jodie.Nevin @Derbyshire.Police.UK.