
The recent nationwide mobile test of the UK’s new Emergency Alerts service has, perhaps inevitably, been followed by a new wave of email phishing scams and spam over the past week. These attempt to impersonate the government by claiming to seek feedback from recipients on whether or not they received the alert.
As usual with such things, the messages are structured in a way to look authentic, but neither the sending email addresses nor the main source links contained within the body of the message are from official government sites and servers (these would usually redirect to gov.uk addresses, rather than some random AWS servers or unfamiliar websites).
Some feedback online suggests that a few people didn’t think these messages were scams because they referenced a system test that did take place. But this only serves to highlight just how effective good timing and the appearance of authenticity can be for scammers. Unfortunately, these emails are very much the product of fraudsters.
The goal of such phishing messages is usually to harvest personal, security and financial data or to try and infect your device/computer with some sort of malware (virus, trojan etc.). Suffice to say, you should never click on links in unsolicited emails. A quick check of the “From:” address (sending field) in the message source, or hovering your mouse over (not clicking) the main email links, often helps verify whether a message is legitimate or not.
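The two checks described above (sender address and link destinations) can be automated. The following is an added example, not part of the original article: it assumes that a legitimate message would only use gov.uk hosts, and the sample message, addresses and hosts are all constructed.

```python
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample; every address and host below is made up.
SAMPLE = """\
From: "GOV.UK Emergency Alerts" <feedback@alerts-survey.example>
Content-Type: text/html; charset="utf-8"

<p><a href="https://storage.example.net/form.html">https://www.gov.uk/alerts</a></p>
<p><a href="https://www.gov.uk/alerts">Official page</a></p>
<p><a href="https://gov.uk.feedback.example/start">Start</a></p>
"""

def is_gov_uk(host):
    """True only for gov.uk or a genuine subdomain, not look-alikes."""
    host = (host or "").lower().rstrip(".")
    return host == "gov.uk" or host.endswith(".gov.uk")

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._open = [], None  # links holds (href, visible text)
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._open = [dict(attrs).get("href") or "", ""]
    def handle_data(self, data):
        if self._open is not None:
            self._open[1] += data
    def handle_endtag(self, tag):
        if tag == "a" and self._open is not None:
            self.links.append(tuple(self._open))
            self._open = None

def check_message(raw):
    """Return (kind, host) findings for a raw email message."""
    msg = message_from_string(raw, policy=policy.default)
    sender = parseaddr(str(msg.get("From", "")))[1].rpartition("@")[2]
    findings = [] if is_gov_uk(sender) else [("sender", sender.lower())]
    part = msg.get_body(preferencelist=("html",))
    collector = LinkCollector()
    collector.feed(part.get_content() if part is not None else "")
    for href, text in collector.links:
        parts = urlsplit(href)
        if parts.scheme in ("http", "https") and not is_gov_uk(parts.hostname):
            # Visible text naming gov.uk while the target is elsewhere is the stronger signal.
            kind = "text-mismatch" if "gov.uk" in text.lower() else "link"
            findings.append((kind, parts.hostname))
    return findings
```

The check compares whole hostname labels, so a host such as `gov.uk.feedback.example` is flagged even though it contains the string "gov.uk". The display name in the "From:" field is ignored because the sender can set it to anything.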
In the case of this specific example, the aim of the fraudsters seems to be to get end-users who fall for their trap to execute a series of commands and thus run malicious PowerShell code on Windows PCs, resulting in a malware infection. The message and its follow-on process will not fool seasoned internet users, but of course the scammers are only interested in the sub-0.1% of people who might be tricked by it.
We’ve seen a number of variations of this particular ‘emergency alerts’ scam, so be on your guard.
I had one of these through. Looks like Amazon has blocked the AWS links now.
I back-traced many links to AWS; the scammers were shut down within hours after I complained.