An Omicron phishing website is doing the rounds this week. It starts with a phishing text message originating from +447305181490.
The text message claims that you have been identified as being in close contact with someone that has the Omicron strain of the Covid 19 virus.
NHS: Track and Trace has identified you have been in close contact with somone with Omicron, please order a test kit here: http://omicron.id-49.com/
If you have received this message or a similar one do not click the link. It leads to a fake Omicron website designed to extract personal details.
The Omnicron Phishing Website
The Omnicron phishing website itself will take all of your personal details including banking information.
The first page of the fake Omnicron site appears to mimic an official NHS website. Looking at the URL it’s apparent this is not a real NHS website.
The next page of the Omicron phishing website would like your personal details including your name and email address.
The following page asks users for their date of birth before proceeding to the next page of the fake Omicron website.
After entering personal details into a NHS Omicron phishing site will feed the scammers all the information needed to target you with further phishing attacks in the future.
The next page asks for a phone number and address.
The most important page for the scammers is the following one, your credit card details. The Covid 19 phishing site requires your card number, expiry date and CCV.
The site then informs users it is checking details before taking you to the final page.
The final page claims the PCR order is complete and you will receive it within 3-5 working days.
The PCR order will never come and if you have entered your details into a website similar to this one i would suggest cancelling your credit card and contacting your local police force for further advice.
Reporting Omicron Phishing Sites and Scams
If you receive a lot of phishing attempts or scams, information can be found here on reporting them to authorities.
Alternatively you can report phishing websites directly to the NCSC here.