A very active phishing campaign is underway pretending to be from the UK’s National Health Service (NHS), alerting recipients that they are eligible to receive the COVID-19 vaccine. The phishing email, shown below, asks the recipient if they want to accept or decline the invitation to schedule their vaccination. The recipient will be pushed through a series of pages asking for personal information. This information includes the person’s name, mother’s maiden name, address, mobile number, credit card information and banking information.
Source: https://www.bleepingcomputer.com/news/security/beware-of-this-active-uk-nhs-covid-19-vaccination-phishing-attack/