We have received multiple reports of scam and phishing emails across the region. These emails may appear to come from trusted contacts whose accounts have been compromised.
Please remain vigilant and take the following precautions:
- 🔎 Verify the sender: Check the email address carefully, even if the name looks familiar.
- 🚩 Look for red flags: Be cautious of unexpected requests, urgent language, or suspicious links and attachments
- 🗣️ Report suspicious emails: If you receive a suspicious message, report it to us using the IM Digital Portal.
-
🚨 If you have accidentally clicked a link on a suspicious email, please call your IT Service Desk on 0151 296 7777.
⚠️ Always confirm the legitimacy of any email before clicking links, downloading attachments, or sharing sensitive information. Consider verifying this with a phone call to the person’s phone number on file.
Recent scam example
A fraudster is calling NHS organisations, pretending they are from Barclays bank. In several cases, they have mentioned a payment to a company called Global Economy Limited. This is a trick to start a conversation.
⚠️ Note: There is no real UK company named ‘Global Economy Limited’.
They may also follow up with an email from an incorrect email address of ‘support@barclays . help . co . uk’ – this is NOT a Barclays UK email address.
Although the fraudsters in this case are pretending to be from Barclays, they could just as easily pretend to be from another bank.
If you think an email is suspicious:
-
🚫 Do not click any links
-
❌ Delete the email
-
📵 If you are unsure about an email, do not call the number it provides. Instead, use the phone number on the bank or financial institution’s official website, or the one printed on your debit or credit card.
-
📲 Call 159 from a mobile phone to be put through to your bank’s fraud team, powered by Action Fraud.
Good cyber security is everyone’s responsibility. One of the most common attempts to breach cyber security defences is the use of scam emails.
Recently, NHS organisations have seen a big rise in scam emails and social engineering/pretexting attacks.
Social engineering (or Pretexting) is a type of social engineering, where someone pretends to be a trusted person to trick you into sharing information or taking an action. This type of attack is not limited to online - it can take place through other forms of communication, including in person.
You can find out more about pretexting and scam emails below
To protect against these threats, it is essential to stay vigilant and follow security best practices and Information Governance (IG) policies and guidelines.
Beware of Pretexting scams
NHS organisations and staff are increasingly being targeted by pretexting scams.
Pretexting is a type of social engineering attack where someone pretends to be a trusted person to trick you into sharing information or carrying out an action. These scams aren’t limited to the online world - they can also happen over the phone or in person. For example, a caller might pose as a family member or even a police officer, telling a convincing story to gain your trust and persuade you to hand over sensitive details, such as a telephone number.
Pretexting techniques
Attackers often use a mix of techniques to carry out pretexting scams, including:
Phishing
This is when someone pretends to be a person or organisation in an email to trick you into giving away information. These emails can look very real and may even seem to come from someone you know, but the email address is fake. They might also include links or attachments that, if clicked or opened, could put harmful software (malware) on your computer.
If you think you’ve received a phishing email, call the IT Service Desk straight away on 0151 296 7777. Don’t click on any links, don’t open any attachments, and don’t reply to or forward the email. If you have clicked any links or replied to the email, do not worry just contact the IT Service Desk immediately on 0151 296 7777.
Vishing / Smishing
Vishing is when scammers call you on the phone to try and steal personal information. Smishing is the same thing but done by text message or WhatsApp. Scammers often try to rush you or make it sound urgent.
If this happens:
- Block the caller or sender so they can’t contact you again. This includes blocking on messaging apps like WhatsApp;
-
Don’t share any information right away. Instead, check if the call or text is genuine by contacting the organisation yourself, using official details from their website;
-
If it’s your bank, use the phone number printed on your bank card.
For vishing or smishing incidents, the IT Service Desk is unlikely to offer more help than the steps you can take yourself. There is no need to report to the IT Service Desk if you have blocked the caller or sender's number.
Tailgating
This is when someone tries to get into a secure building by following another person through a locked door. For example, they might walk close behind you, grab the door before it closes, or say they’ve forgotten their ID badge.
Letting someone in without proper checks can put the organisation at risk. If you think this has happened, report it straight away to reception or security.
It is appropriate to request to see a valid ID badge. If this cannot be provided, politely explain that entry cannot be granted and direct the individual to reception for assistance.
Further information and support
To protect against these threats, stay vigilant and always follow cyber security best practice and Information Governance (IG) policies and guidelines.
Before you act, stop and think:
-
Verify who you’re dealing with.
-
Only share information if you’re certain it’s safe.
-
Never allow anyone to tailgate into a secure area.
Good cyber security is everyone’s responsibility and there are some simple steps you can take to remain secure. One of the most common attempts to breach cyber security defences is the use of scam emails.
Beware of scam emails
Scam emails are fraudulent messages that try to trick you into giving away personal, medical or financial information, or infect your device with malware to steal data.
These emails can be very convincing and may appear to come from a legitimate source, such as a person or organisation you know when they are actually being sent from a fake address - known as ‘email spoofing’.
Please refer to our guidance below on how to spot a scam email. If you receive an email that is unexpected or suspicious, do not open any links or attachments and delete it immediately. If you are concerned, get immediate support through the IM Digital Portal.
Read our guide on how to spot and protect yourself from scam emails
Further information and support
Please ensure you report anything suspicious immediately on the IM Digital Portal.
We thank you in advance for your support.
What should you do?
- If you receive an email that is unexpected or suspicious, do not open any links or attachments and delete it immediately. If you are concerned, get immediate support through the IM Digital Portal.
- Always pause and verify who you’re dealing with before sharing information, and make sure you are following security best practices and Information Governance (IG) policies and guidelines. If in doubt, contact the IG Team for advice.
Be email aware
- Be suspicious of generic greetings such as "Dear sir or madam".
- Check the sender’s email address to see if it looks legitimate.
- Never open links or attachments from senders you don’t recognise.
- Check the address of any links by hovering your mouse over the link (without opening it) to see if the address matches the link that was typed in the message.
- Check for spelling mistakes and poor grammar which could indicate the email is a scam.
- Be suspicious of emails that claim you must click, call, or open an attachment immediately.
- Never provide financial or sensitive personal information like usernames and passwords over email.