Be aware of ESR phishing fraud

Don’t be the next victim of salary fraud…

We’ve been made aware of a phishing email, directed at staff, doing the rounds. The email contains a link to a website that appears the same as the NHS ESR login page. This is a hoax page that allows the fraudster to collect your username and password, access your ESR account, change your bank details, and divert your salary to them.

Once fraudsters gain access to your ESR account, they can obtain further personal information such as your national insurance number, date of birth, home address, email address, phone numbers, and more.

Please continue to be vigilant to protect yourself against salary diversion cyber fraud. If you suspect an email might be fraudulent you must report it immediately.

You can also view the article on phishing fraud, which includes a link to a gallery showing phishing fraud examples.

Please don’t click on any of the links in these emails. Instead, follow the guidance below on what to do if you receive a phishing or spam email:

  • Do not open the email
  • Forward the email to as an attachment and then delete the email. When forwarding do not download content or images if prompted to do so
  • If you’ve clicked on a link or opened an attachment and think you may have a virus please contact the IT Service Desk on 0300 123 1020
  • If you click on an email attachment and receive a warning that a “program” or “macro” will run, do not ignore the warning and do not open the attachment.

All incidents of suspected fraud against the NHS should be reported to our Lead Counter Fraud Manager Eleni Gill via email or call 07827 308906. You can also report fraud via the NHSCFA National Fraud Reporting line 0800 028 4060.

Leave a reply:

Your email address will not be published but the name you enter will be.