May 26, 2020

UK Fears Cybercriminals Will Use NHSX COVID-19 Tracing App to Launch Cyber Attacks

Anomali-Sponsored Study Finds Public Wary of Privacy Violations

London, UK -- 26 May 2020 – Nearly half (48%) of the UK public surveyed about the NHSX COVID-19 tracing app do not trust the UK government to keep their information safe from hackers. This is according to a study carried out by Censuswide on behalf of Anomali, a leader in intelligence-driven cybersecurity solutions. The nation-wide survey, released today, examined consumer attitudes to the proposed tracing app, particularly their confidence and wider trust in the government to appropriately and justly handle the data collected for the scheme.

Other major findings from the report include:

  • Around 43% of respondents were concerned that the app would give cyber criminals the opportunity to send smishing messages or phishing emails.
  • Yet, only half (52%) felt they were savvy enough to differentiate between a legitimate email or text message and a phishing/smishing message.
  • A further third of respondents (33%) are concerned that the app might allow the government to track their whereabouts.
  • Over a third of respondents (36%) are concerned that the app might allow the government to collect data on them.

According to the NHS website: “Contact tracing is a tried and tested method used to slow down the spread of infectious diseases. The NHS COVID-19 App automates the process of contact tracing. Its goal is to reduce the transmission of the virus by alerting people who may have been exposed to the infection so they can take action to protect themselves, the people they care about and the NHS.”

The first phase of the initiative was piloted in the Isle of Wight earlier this month for testing before proposing a national launch. This study set out to gauge the trade-off between privacy and the “greater good” and what people’s comfort levels are when it comes to the government tracking them. Though many demonstrated concerns over the government tracking them via the app and even more respondents unsure about the government being able to keep their information safe from hackers, there was also apprehension about being targeted by opportunistic cybercriminals; and rightly so.

“At this stage, nobody knows where to get the NHSX app from, so it can be reasonably expected that consumers will be faced with floods of emails with bogus links to convincing looking domains to download the app from,” Jamie Stone, head of EMEA at Anomali, posited.

He explained that the link will simply be a web page that will ask people for more personal information than the genuine app and the information could be used in future attacks against the individual.

Stone also warned over an increase in people being targeted by mobile phone communications.

“There is also the danger of smishing attacks; similar to a phishing attack, but the phish is done via SMS message,” he said. “Due to the smaller screen real estate, people will be less able to check the veracity of the link so will be more trusting and might click it.”

With thousands more domain registries for COVID-19 noted by Anomali over the past few months, the public will have to be extra vigilant when it comes to what they download or click.

“It’s tough to predict the increase in the volume of attacks we’ll see. However, we’re already seeing thousands of rogue and spoof COVID-19 domains being registered and used in attacks,” Stone explained. “Global interest around the virus, and each nation’s track-and-trace apps, means that attackers will likely use many of these domains to host phishing attacks via both email and SMS. People using COVID tracking apps need to be extremely vigilant and aware, ensuring that they’ve installed official government apps and that they are interacting with authentic messages from the agencies.”

The survey was carried out between May 11-7 by Censuswide among 1000 UK consumers.

About Anomali

Anomali® delivers intelligence-driven cybersecurity solutions. Our solutions include Anomali ThreatStream®, Anomali Match™, and Anomali Lens™. Private enterprises and public organizations use Anomali to harness threat data, information, and intelligence to make effective cybersecurity decisions and detect and respond to threats. Anomali customers include more than 2,300 global organizations, many of the Global 2000 and Fortune 500, and large government and defense organizations around the world. Founded in 2013, it is backed by leading venture firms including GV, Paladin Capital Group, Institutional Venture Partners, and General Catalyst. Learn more at