Cyber criminals have been taking advantage of the recent pandemic to mislead internet users and steal their personal information. A fake NHS website has been set up in order to dupe internet users into downloading malware designed to steal credit card information and passwords.

A convincing imitation of the NHS website was recently found by researchers, the website used similar fonts and layouts as the genuine NHS website. Internet users who accessed this fake site were instructed to download instructions and information related to the corona virus.

However the download did not include useful information and was actually malware that was disguised as “covid19.exe”. Once downloaded on the user’s computer the malware was capable of stealing passwords and credit card information from the user’s browsers and files, it is also able to take screenshots and gather system information.  All the data is then collected and sent off to the cybercriminals.

The firm behind the discovery of the website has informed users that even if they do unwittingly download the malware onto their system they can prevent it from infecting their device. Users have been advised to use reputable internet security products to protect their devices and to regularly update operating systems and applications, additionally users should make sure they are using complex and unique passwords and to be cautious of links in unsolicited messages.

A ‘Suspicious Email Reporting Service’ was recently set up by the National Cyber Security Centre (NCSC) to help tackle the recent increase in Cyber criminals using the Covid-19 crisis to exploit internet users.

You can report fake websites initiating genuine ones in order to steal personal information to the website to the National Cyber Security Centre at report@phishing.gov.uk.