1. Never give out personal details
A coronavirus-themed email may ask you for you to provide login details to any NHS or government related websites, such as your HMRC services account. Alternatively, they may ask for you to provide debit card details to order yourself a COVID-19 home test kit
Legitimate government and public service sectors will never ask for this kind of personal information over email, therefore never respond to these types of emails and mark the sender as spam.
2. Check the sender’s email address, links and files
If you hover your mouse over any links in an email, after a couple of seconds the links full address will appear. Sometimes, it is obvious that the website linked in the email is a fake, but other times, the links can look very similar to the legitimate website.
In this case, look at the sender’s email address. If the address does not look similar to what the company emails look like, then it is more than likely fake.
For example, if you have been in touch with a legitimate contact from the government prior and their email address is [email protected], then you know that if you receive an email from [email protected], then you know that the email is not from the same organisation.
Similar to malicious links and dodgy email senders, a phishing email may attach files, in which the sender is asking for you to download a file attached. Now, this may be a PDF, a word document or a .exe file. Make sure that you only ever download a file from someone that you know/trust or if you are confident that the email is from the same organisation.
Remember, if at any point you are unsure, visit the organisation’s website and either email or ring the company with the details that they provide.
3. Don’t be afraid of immediate action
Phishing emails will try to scare you into thinking that you need to do something as soon as possible, as scammers like to enlist fear into their receivers to make them reply, download or click a link without fully considering the possible threats.
For a COVID-19 related phishing email, you may receive something along the line of: ‘URGENT – Coronavirus testing kits running low on stock. Order now!’
Firstly, coronavirus testing kits from the government are free, therefore you never need to pay. But most importantly, if something was urgent like, like this above email, then the government themselves would have announced something like this on the news. Take a minute to think about the email, who it is from, what links are attached and if it is likely that an email like this would be sent out by the company in question.
4. Poor spelling and grammar
A well-established business will never have poor spelling and grammar, especially the NHS and government, as they need to maintain their level of professionalism. This is one of the more common signs of a phishing email. Hackers usually do this so that they can add a sense of “human” touch to the emails, making people take their attention away from the malicious links and files and instead focus on an incorrect spelling caused by human error.
Phishing emails can be easily to spot if you know what you are looking for. If you are slightly unsure or worried about an email being sent to you, and you don’t know who it is from, delete it or get in touch with the company directly from their website.
You should never put yourself at risk of falling victim to a phishing attack, especially with anything COVID-19 related. Don’t let hackers instil fear through the form of emails.