Welcome to our blog

As concern around the Coronavirus has grown, unfortunately scammers have targeted mailboxes to see if anyone would fall for their usual tricks, using Covid-19 to lure people in. We know that these types of emails are not always easy to spot, so we have identified a number of examples and wanted to share these to raise awareness, in case you become a recipient of these malicious campaigns.

Action Fraud have issued warnings about fake text messages and emails offering the Coronavirus vaccine in an attempt to steal personal and financial information. If you receive a message claiming to be from the NHS asking you to apply for the COVID vaccine by providing your details, this is a scam. Always check the official NHS website for the latest information about the vaccination.

Examples of malicious Covid-19 emails

Here are some examples of real scam emails, so you know the kinds of things to look out for.

World Health Organisation 

On first glance, this email looks like it’s been sent from a medical specialist, with an informative attachment providing safety tips. However, if you look closer, you can see that there a number of red flags such as poor grammar, the suspicious email address it’s been sent from, and the attachment it’s telling you to download.

Gov.uk

This looks like a genuine, official email from the government advising on a tax rebate, however you can see that there are some details that don’t add up here; the hyperlink, poor grammar and strange content, as well as the lack of recipient address and suspect sender name.  This is a well documented scam, you can read more over on Your Money website. 

Health Checkup 

Using a deliberate subject title to draw you in, at first it appears to be a free health-checker which in the current circumstances, you may be drawn to open. On closer inspection, the suspicious hyperlinks in the document and poor grammar should make you question whether the email is genuine, and in this case, it’s not.

We take your security very seriously, so if you've received an email pretending to be from TalkTalk or another business, please let us know. Our security team will look into this, block and help prevent customers falling foul to criminals.

Stick to the following tips to ensure that you don't get caught out:

1. Look out for poor grammar or spelling mistakes
2. Never click on the links or open any attachments from emails you are not expecting
3. Check the sender – does it look legitimate?
4. Don't forward the emails to anyone, instead use the reporting button if you have that option on your email platform, or report to phishing@talktalk.co.uk 
5. Are you being asked to verify your bank details? Be wary of this
6. Does it use your full name? Phishing emails usually use terms like 'Dear Customer' as they don’t have your personal details.
7. Does it use an attention-grabbing subject header?  Look for phrases like "you've won!", "forward this to everyone you know!" or "this is NOT a hoax!"

How to report a Phishing email

It's really easy to let us know about Phishing emails, just forward the email to phishing@talktalk.co.uk our security team will then check through these and block them on our network where appropriate. You'll get an email response acknowledging that they have received it and if anything further is required.