There are a couple of slick, professional looking scams, doing the rounds that UK citizens need to be aware of. One claims to be from the NHS the other from Royal Mail.

Royal Mail

A text is received, allegedly from ‘Royal Mail’, claiming that a parcel was being held due to an unpaid shipping fee. The fee is small, a few pounds and pennies, often £2.70
  • The text gives a date for the fee to be settled or the parcel will be returned to the sender.
  • The link in this text is disguised to look as though it points to the genuine royalmail.com website. This is done by capitalising the letter ‘i’ so it will appear to be the letter ‘l’. The link is actually ‘royaimaii.com’.
  • The fake website looks real. It even includes a ‘Coronavirus update.’
  • Contact details, date of birth and debit card details are requested.
  • The scammers then make a small purchase with the card and at a later date, such as the following day, call the victim’s number claiming to be from the victim’s bank alerting him/her to a potentially fraudulent transaction (the purchase the scammers made).
  • The scammer then says to protect their current account he/she needs to log into online banking and set up a new sort code and account number. The scammer provides the sort code and account number,
  • The scam caller then asks the victim to transfer the balance to the new ‘secure’ account – which clearly belongs to the scammers.
Scammers can use number spoofing software to display false caller-ID information that tricks you into thinking that their number belongs to your bank or another legitimate business. 

Many scam callers will attempt to trick you into installing remote access software to ‘fix’ a spurious problem.

This software is used by legitimate businesses but criminals abuse these tools to hack into email and bank accounts.

The easiest way to stay safe is to hang up and call back on a phone number you trust, such as the one on the back of your debit or credit card, usually at the top and in very small print.

NHS
  • Text messages that state the recipient is eligible for an initial or follow-up Covid-19 vaccine have been detected. 
  • The message provides a link to a website with several pages of NHS guidance on the vaccine and possible side effects.
  • The guidance seems legitimate and mirrors genuine NHS guidance. However, when looked at closely there are numerous spelling mistakes.
  • After going through the guidance rather than requesting a National Health number to verify identity it instead requests credit card information. This is a clear red flag.
During the pandemic, there has been a rise in vaccination fraud with people claiming to be from the NHS, asking patients for r banking details to book their vaccinations. Remember that the vaccine is free in the UK and available through the NHS and the NHS never ask for your banking details.