A new email phishing scam, falsely purporting to be from the Government Digital Service team, has been uncovered by the Parliament Street think tank’s cyber research team.

The attack targets low-income earners and claims that the addressee will be receiving a council tax reduction of almost £400.

The fraudulent email uses official branding and government logos to trick the user into thinking the content is legitimate, before redirecting them to a malicious site designed to harvest personal information, such as bank card details, account number, sort code and security code, as well as a home address and mobile number.

The scam has already been flagged to locals in Wrexham, Cheshire and Runcorn via local councils, but it is believed to have started a second wave, targeting hundreds of others across the UK.

Researchers at the Parliament Street cyber research team identified hundreds of new incidents of the email landing in the inboxes of individuals across the UK, noting that the email had several notable discrepancies, including stating a refund of £385.55 was available in the subject header, which is a different to the amount you’ll supposedly get that’s stated in the main email of £385.50.

Andy Harcup, vice president at Absolute Software, commented: “Since the start of COVID-19, the cyber threat facing adults in the UK has surged, and this latest attack is one of many which have been designed to prey on individuals’ vulnerability and fear during this trying time.

“Regardless of the quantity of security training and software put in place, data will always be at risk from a sophisticated cyber attack, and therefore, it’s essential that CISOs take steps to quickly pinpoint potential threats and neutralise any cyber breaches as and when they occur, with effective and resilient endpoint security.”

Share Story: