Cybersecurity Alert: Protect Yourself from Cybercriminals

Scottish Cyber Coordination Centre TIPR:

SC3 are aware of attempted phishing against a Scottish Local Authority. The emails are coming from Careline Home Support. The attempt had convincing e-mail signatures, staff names and followed the correct format for invoice reference numbers. Careline aware and they are investigating on their side.

The email was sent from accounts@carelnehomesupport.com - note the missing ‘i’ in careline, the legitimate address is accounts@carelinehomesupport.com.

We want to make you aware of this as other Scottish Local Authorities might have a relationship with Careline.

TIPR Recommended actions:

Run a search for this fake domain on your email platforms and take mitigating actions where appropriate.

If your organisation has been directly impacted by the content of this TIPR or requires further support, please send details of the impact to this email:

SC3@gov.scot

Guidance from the Digital Telecare Programme

Cybercriminals often target individuals by impersonating suppliers or other transactional contacts to receive payments. They may even impersonate someone you know or trust. While their emails may appear convincing at first glance, be vigilant for bad grammar, spelling mistakes, irrelevant content, and always check the sender’s email address. 

Links or attachments are the easiest way for malicious software to steal your login credentials or run harmful viruses. Always verify any out-of-the-ordinary requests for payment. Treat any changes in detail as unusual. If something seems off, it might be a warning sign. 

Take a moment to pause and think before reacting. Avoid clicking on any links or responding to requests immediately, instead, call the sender to verify the authenticity of the email, consult with a colleague to see if they have encountered something similar, and report any suspicious messages.