Quarantine Text Scam Tricks U.K. Residents into Paying “Fine”

iStock-1208457313Because of the ambiguity of current lockdown restrictions, a new text scam pretending to be from the government feels a bit too real to U.K. residents, turning them into victims.

The current restrictions by the U.K. government seek to have most people stay at home, only going outside for “food, health reasons or work.” But because there is some uncertainty around how to determine whether someone is or isn’t breaking the current restrictions, it’s a perfect angle for scammers to get in on the action.

U.K. residents have begun receiving the following text message:

"GOV.UK CORONAVIRUS ALERT. We would like to inform you that you have been recorded as leaving your home on 3 occasions yesterday. A fine of £35 has been added to your gov.uk account. For further information please visit gov.uk/coronavirus-penalty-payment-tracking. Protect the NHS. Save Lives.”

The link (not the URL shown above) takes the victim to a criminal-controlled website where credit card details are given up in the spirit of making the payment. For those outside of the U.K, this kind of penalty isn’t entirely unfamiliar to U.K. residents – for example, normally in London, cars operated within a specific area are subject to a congestion charge. So, the idea of receiving a text alerting them to having violated the quarantine restrictions isn’t entirely far-fetched. This is another great example of how context plays a role in scams. The mix of COVID-19 and the U.K. restrictions make this all believable.

We’ve recently seen SMiShing (texting) scams against corporate users as well. The use of mobile texting as an attack medium demonstrates the need for Security Awareness Training reaching far beyond just email-based attacks. With the increases in attacks now that many organizations are utilizing remote working, it’s imperative that these users are up to date on how to identify malicious content on any device and medium.

Request A Demo: Security Awareness Training

products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

Request a Demo!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews