Guidance on phishing emails
Find out how you can stay safe and vigilant against phishing emails, including advice on how to spot a suspicious email and how to report it.
Coronavirus phishing emails
We've recently seen a number of examples of malicious cyber activity related to coronavirus (COVID-19). These include:
- advance fee fraud (where someone asks for payment in advance for goods and services)
- phishing emails (where an email includes a link to a malicious website)
- emails with attachments that contain malware
There are examples of various campaigns that imitate, or pretend to be from, organisations such as the World Health Organisation (WHO), the UK Government (GOV.UK) and HMRC, amongst others. There are also examples of fake websites that impersonate NHS organisations and contain malware (including ransomware).
What you need to do
Whilst the Data Security Centre works to block these threats before they reach individuals, it's inevitable that some do get through. It's essential that all staff remain vigilant, particularly during the current period of uncertainty and anxiety around coronavirus, and take the necessary precautions to protect their organisations and ultimately, patient data.
We would advise:
- Be suspicious of emails that ask you to check, renew or share your logins or passwords
- Don’t open attachments or click on links in emails without first establishing they are legitimate – for example, were you expecting to receive the email?
- Hover over links (without clicking) to see if the link looks legitimate – in many basic phishing attempts, the actual link differs from the one you see in the email
- Check the source of the email – do you know the sender? Be wary if not, and try to verify the sender
- If the content of the email tries to persuade you to do something that seems too good to be true, it probably is
- If the email claims to be from an official source, it will likely have graphics and images. Do they look legitimate? An official source will never ask you to share personal details or login credentials
- Check for spelling and grammatical errors in emails – these are often a tell-tale sign of spam
- If in any doubt, contact your ICT team for advice
If you're an NHSmail user and you receive a suspicious email, you can report it using the “Report Phishing” button on the ribbon within Microsoft Outlook, or forward the email as an attachment to firstname.lastname@example.org.
Non-NHSmail users should follow the process for reporting spam emails in their organisation.
For further advice, please contact the Data Security Centre by emailing email@example.com.