Emergency alert will be 'perfect opportunity' for scams, experts warn

Nationwide emergency alert test will create the ‘perfect opportunity’ for cybercrooks to target the public with SCAM messages – how to spot them

  • At 3pm on Sunday, everyone in the UK will receive an emergency alert test
  • Experts have urged Britons to watch out for any official looking texts or emails

The national siren alert has created a ‘perfect opportunity’ for scammers to launch phishing attacks on the public, cyber experts have warned.

Britons have been urged to watch out for any official looking texts or emails in the days leading up to Sunday as they may be fake and contain malicious links.

Consumer watchdog Which? said cybercriminals would use any hook they could to try steal money and personal information from victims – and the nationwide test was ‘no exception’.

At 3pm on Sunday, everyone in the UK will receive a message on the home screen of their mobile phone along with a sounds and vibration for up to ten seconds.

Although it will not come in the form of an email or message, Nick France, chief technology officer at cybersecurity specialists Sectigo, said scammers would be ‘relying on the fact that many members of the public won’t know or remember that no links are supposed to be in the Government’s alert.’

The national siren alert has created a ‘perfect opportunity’ for scammers to launch phishing attacks on the public, cyber experts have warned 

READ MORE: Every phone in the UK will receive an emergency alert with loud alarm next Sunday in nationwide test – and this is what the message will say 

 

He said: ‘This is a massive open opportunity for phishers. Phishing actors are getting extremely sophisticated and tuned in to what the public needs and expects, and they will certainly be jumping on the fact that a National Alarm test is coming up for UK citizens.’

Similar attempts were made last year when the UK Government announced the ability to redeem energy vouchers via a SMS notification, according to David Emm, senior security researcher at Kaspersky.

A survey by the Office for National Statistics last year revealed half of adults reported receiving a phishing message over the previous month. Norton Antivirus blocked over two million phishing attempts in the last quarter of 2022 alone.

Steve Wilson, director of UK and Ireland at Gen, which now owns the software, said: ‘Millions of UK smartphone users will be receiving the UKGOV emergency alert this Sunday, and while many might recognise it as a trial run of a legitimate government service, the alert could also present an opportunity for cyber criminals looking to dupe those who might not be able to tell the difference.

‘Whether it’s targeting people who are aware of the incoming alert or those who may not be expecting it at all, the alert presents the perfect opportunity for scammers to act.’

Lisa Webb, Which? Scams Expert, said: ‘Scammers will use any hook they can to try and steal money and personal information from victims, and unfortunately the government’s upcoming nationwide test of its new Emergency Alerts system will be no exception’ (stock image)

Jake Moore, global cybersecurity advisor at ESET, said: ‘With the advertisement of what will happen on Sunday, there is the likelihood that cybercriminals will exploit the platform to send similar messages attaching malicious links.

‘Similar to what we saw with the NHS Covid 19 messages, threat actors are very quick to adapt to current trends and situations abusing people’s trust in what they read.’

Lisa Webb, Which? Scams Expert, said: ‘Scammers will use any hook they can to try and steal money and personal information from victims, and unfortunately the government’s upcoming nationwide test of its new Emergency Alerts system will be no exception.

‘It’s vital anyone who receives the official test alert is aware that no action is required. If you are asked to download an app or provide information, this is likely to be an unscrupulous fraudster trying to trick you and should be ignored at all costs.’

The message on Sunday April 23 will say: ‘This is a test of Emergency Alerts, a new UK government service that will warn you if there’s a life-threatening emergency nearby.

‘In a real emergency, follow the instructions in the alert to keep yourself and others safe.’

As it is a test, all people need to do is swipe away the message or click ‘ok’ and continue on as normal.

The government said only government and emergency services would be able to send Emergency Alerts, and that there was a secure authentication process to send them.

A spokesman said: ‘An Emergency Alert looks and sounds very different to other types of messages such as SMS “text messages” and it is one-way broadcast technology so much more secure than SMS.’

HOW TO CHECK IF YOUR EMAIL ADDRESS IS COMPROMISED

Have I Been Pwned?

Cybersecurity expert and Microsoft regional director Tory Hunt runs ‘Have I Been Pwned’.

The website lets you check whether your email has been compromised as part of any of the data breaches that have happened. 

If your email address pops up you should change your password.

Pwned Passwords

To check if your password may have been exposed in a previous data breach, go to the site’s homepage and enter your email address.

The search tool will check it against the details of historical data breaches that made this information publicly visible. 

If your password does pop up, you’re likely at a greater risk of being exposed to hack attacks, fraud and other cybercrimes.

Mr Hunt built the site to help people check whether or not the password they’d like to use was on a list of known breached passwords. 

The site does not store your password next to any personally identifiable data and every password is encrypted

Other Safety Tips

Hunt provides three easy-to-follow steps for better online security. First, he recommends using a password manager, such as 1Password, to create and save unique passwords for each service you use. 

Next, enable two-factor authentication. Lastly, keep abreast of any breaches

Source: Read Full Article