If you received an email saying you had cancer, what would you do? Thousands of Brits have received emails purporting to be from the National Institute for Health and Care Excellence (NICE), claiming that a “sample of your blood analysis” indicates the recipient has a “suspicion of cancer.”
The email is—of course—a hoax. The emotionally-charged message asks the recipient to print off the “test results” attached in a .zip file, and to take them to their doctor as soon as possible. The attached file is almost certainly a virus or trojan, intended to steal personal information by first exploiting fears.
NICE has emphatically denied sending any such emails, describing it on Twitter as “sickening.” It has since referred the matter to the police, and updated its website to warn people of the fraudulent message.
We are aware that a spam email is being sent out about cancer test results. This email is not from NICE and we are investigating its origin.
— NICE (@NICEcomms) March 13, 2014
Meanwhile, people have taken to Twitter in their droves to express their outrage and panic at the emails:
@NICEcomms Sitting here in tears. Waiting real cancer results and this email floored me. Please find out who is responsible and stop them.
— Frances Taylor (@Thordale) March 13, 2014
@NICEcomms my dad got the email. He had just had a blood test at the doctors so when he got the email he was worried, this has to be stopped
— Stacey Peden (@StaceyPeden1) March 13, 2014
@NICEcomms please tell me it has no relevance to results?! I have had tests done 3 weeks ago! where do they get email addresses from?
— Leanne Hemming (@LeaHemming) March 13, 2014
The title of the email is typically a variation of “IMPORTANT: Blood analysis result”, and some Twitter users have reported receiving dozens of hoax emails from the fraudsters in a matter of hours:
— Christine ⚧ Anderson (@TheBinaryGirl) March 13, 2014
There’s no indication as to who’s behind the hoax, with Twitter users tracking the IP addresses to Hong Kong, Turkey and India—suggesting whoever’s responsible is hiding behind a proxy service.
NICE have maintained a constant Twitter presence throughout the day to reassure confused and frightened email recipients. But, ironically, it’s unlikely that the organization would even be looking at patient’s blood tests in the first place. Their primary function is to act as a watchdog, providing guidance for the NHS (National Health Service) and local authorities, looking at potential new treatments and assessing drugs’ value for money.
The fact is, though the watchdog has assured followers it hasn’t been hacked, hoax emails have been sent to recipients who really have recently had blood tests–something that the NICE calls”pure coincidence.” Some are not convinced however. The emails appear to be deliberately targeted, one Twitter user argued “based on (anecdotal) [T]witter evidence and my personal experience here today.’
If so, this suggests a serious breach of security for patient records, which constitutes a far more severe problem than a few inventive spammers.
Photo by Pan American Health Organization/Flickr (CC BY-ND 2.0)