Data protection and cyber security elearning for care workers
Date: Tuesday 12 December 2023
Phishing is where criminals send fake emails to scam private information or bank details from you. They take on another identity, either an organisation or a person. For example, it may look like a legitimate email from your bank.
Criminals send these emails as widely as possible to lots of people in the hope that you’ll click on a link and provide your details or download an attachment.
As well as scamming bank details, it could also be part of ransomware attack. This is where criminals can access your computer and block or steal files for financial gain.
Some are easy to spot. The ones we’re all aware of are the stories like a foreign prince who wants to give you millions of euros.
But some can be very convincing and difficult to spot; using logos, imagery and identities of people or brands that you know.
Your spam filter should manage to catch a lot of these emails. However, some do sneak through and it’s usually the more sophisticated ones that are harder to spot that will get through a spam filter.
The key thing is to always look at who is sending the email. Hover your mouse over the name of the sender and it’ll show you the actual address it’s coming from. If it’s not what you’re expecting, that’s a simple way to tell it’s fake.
Quite often you’ll see spelling mistakes or random capitalisation in the middle of words. They also might ask you to provide your personal details.
For example, your bank will never email you asking you to provide your password or give them your account details. Something like that would be a phishing email.
At the beginning of the pandemic we saw a lot of scams around PPE equipment.
Our concern now is that because care homes are some of the first to receive COVID-19 vaccinations and are expecting to be contacted, unfortunately cybercriminals may take advantage of that. You may receive emails that look like it’s to sign up for the vaccination programme, but it’s criminals looking to access your information.
The most important thing is to be vigilant. It’s easy to tackle if you’re just aware that it could happen.
Don’t click on links in emails from people that you don’t trust. If you are unsure, call the company or person you think the email is from and ask them if it’s genuine. Don’t provide bank details or banking information over email.
If you’re using NHSmail, you can report spam to them and then will check it for you. If you’re using any other email service, the National Cyber Security Centre will do the same. If it’s spam, they will block it.
Also remember to speak to your staff about email scams and how they should be careful about what they click on.
If you think you’ve become a victim of a scam, you should report this to Action Fraud straight away. There’s a dedicated phone line and email address, and they will be able to help you.
The National Cyber Security Centre has lots of detail for providers about staying safe online and email scams. It’s also got specific information and advice according to the size of your organisation.Back to News