'COVID Pass' Scam Targets UK Users

Online scammers and malware developers often ride trending news in order to reach more people. Over the past year and a half, they have been focusing heavily on COVID-related topics. So far, we have seen all sorts of scams and malware spread under this theme. For example, we covered Mobile Malware Spreading through COVID-19 Test SMS. The authors of the Agent Tesla RAT also used COVID-related phishing campaigns.

Recently, a new type of scam was spotted. It appears to only target users in the United Kingdom at the moment, but it is very likely that it will reach other regions as well – other scammers might be inspired by it. The 'COVID Pass' Scam is spread through fake text messages that claim to come from the NHS (National Health Service). The SMS says that the user can apply for a COVID Pass that will be necessary for specific medical procedures and activities.

'COVID Pass' Scam Uses Fake NHS Website, Harvests Credit Card Credentials

The scam relies heavily on social engineering, and it seems that the fraudsters have paid a lot of attention to the small details. The fake 'COVID Pass' Scam website is branded with the NHS logo, and it is somewhat similar to the original NHS site. It also uses HTTPS, which may lead some users to believe that the page is legitimate. Remember that HTTPS does not guarantee this: it only means the connection to the site is encrypted, not that the site is run by the organization it claims to be.

Once a user is lured to the site, they will see a prompt asking them to complete the registration process. The registration form begins with simple questions – name, age, address where the pass should be delivered to, etc. These questions seem normal, but the final one is out of place – the fake NHS site says that a payment of £4.99 is required to complete the process. The victim is then asked to complete the payment by entering their credit card number, expiration date, and security code. Users who do this will unknowingly provide the scammer with their payment details.

COVID scams are still popular and are constantly evolving. Be careful with incoming emails and text messages that claim to have COVID-related content. The 'COVID Pass' Scam, in particular, may be very believable for UK users. The NHS does have a COVID Pass program, but it does not involve payments through random sites, and the registration process is more robust. The NHS would not approach you for a COVID Pass through random text or email messages.

August 23, 2021