We have received reports from both Patient Access users and people who have never registered for the service, that they have received Covid passport emails purporting to be from Patient Access.
This is not a communication that has been sent by Patient Access – all emails from Patient access will come via an @patientaccess.com email address.
We are looking into the emails, but in the meantime would advise that you never click on links to login via email and visit the site via the address bar of your browser instead.
We also strongly advise setting up your Memorable Word feature, to protect against attacks such as these. We also advise using biometrics (fingerprint ID) if you use the app.
Steps you can take to protect your identity
- Check your bank statements regularly for any unusual payments
- Check your credit report regularly
- Never give out personal details over the phone unless you’re sure who you’re speaking to
- Use strong passwords utilising a mix of character types and change them regularly
- A good way to create a strong and memorable password is to use three random words and symbols
- Be creative and use words memorable to you, so that people can’t guess your password
- Never use the following personal details for your password: Current partner’s name, Child’s name, Other family members’ name, Pet’s name, Place of birth, Favourite holiday, Something related to your favourite sports team
- Use different passwords on every site, a password manager can help you do this
- Keep up with system and software security updates
- Enable a firewall
- Adjust your browsers’ privacy settings
- Install antivirus and anti-spyware software
- Always scan software you download with anti-virus software before installing it
- Password protect your software and lock your device
- Encrypt your data
- Do not install software unless you trust the website you are downloading from
- Do not install browser add-ons unless you really need them
- Do not immediately trust people you meet online
- Be wary of unsolicited emails and don’t click on links they contain
- Never provide your password to anyone on the telephone, reputable companies would never ask for it, or ask you to visit a website to enter it
- Be very wary of anyone on the phone who wants to connect to your computer and install software, even if they claim to be from Microsoft or your broadband company
- If you think you have been a victim of fraud you should report it to Action Fraud, the UK’s national fraud and internet crime reporting centre, on 0300 123 2040