top of page

Warning as cyber criminals ‘prey on omicron fears’ with new scams

Scammers are continuing to take advantage of topical fears surrounding the pandemic by using the omicron COVID variant as a lure in recent phishing scams, according to reports.

The NHS has warned of a phishing campaign which leads people to fill in bank details for an “Omicron PCR test”, while consumer group Which? has reported rogue sites charging delivery fees for tests that can actually be obtained for free from the NHS.

They also flagged one scam website which asked users to set up a security question. Some scam websites ask for answers to common security questions, (e.g. mother's maiden name). This isn't required for a PCR test, but may be abused by scammers to attack other legitimate accounts.

Cyber criminals make use of current events to make their scams seem more convincing and they can be very difficult to spot. As the Prime Minister warned Brits of a “tidal wave” of Omicron infections, and urged everyone over the age of 18 to get a Covid-19 vaccine or booster in his latest address (December 12), criminals could use this urgency - and uncertainty in some areas - to prey on victims.

However, it is important to remember the NHS will never ask for bank account or card details and the NCSC has published guidance to help people recognise online scams and report any messages that seem suspicious.

If you receive a suspicious email, you should forward it to, while suspect texts should be forwarded to ‘7726’. Scam websites can be reported directly to the NCSC via their online service.



Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).



The contents of blog posts on this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of East Midlands Cyber Resilience Centre (EMCRC) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. EMCRC provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us by email.


EMCRC does not accept any responsibility for any loss which may arise from reliance on information or materials published on this blog. EMCRC is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page