• FC

Covid-19 Vaccine Passport Phishing Email in the Wild

A good friend reached out earlier this morning to let us know they had been caught by a phish. This is a really impressive one and a reminder that the right phish at the wrong time can catch anyone. This friend is very tech savvy, so it's a stark warning that we can all be susceptible to these increasingly convincing scams.


They were due to travel next week and so the timing of this phish was unfortunate. It felt to them like it was something they were likely to receive, and all of the news about vaccine passports lent legitimacy to the scam.


When they clicked through the email and were taken to the criminal website, the site asked for details such as name, date of birth, mothers maiden name, and credit card details.


It is worth noting that both Google and Virus Total did not mark it as suspicious. It has now been submitted to Virus Total and will be distributed by Palo Alto, if you use another vendor it will be worth submitting to those too.


Below are a few screenshots of both the email and the website.



How the phishing email looked in their inbox

Image showing the details of the phishing email


The email itself with the button linking to the criminal site


The criminal website which the button in the email takes you to


Remember that if you receive an unexpected email that asks you to click a link or download an attachment, it's always best to check with the supposed source rather than clicking in the email itself.


Be sure to add the address (not included here for safety, but you can see it in the last screenshot) to any block lists and remember to report any suspicious emails/texts to both your IT team and/or to the NCSC report a phish page.



210 views0 comments