Don’t get phished, don’t take the bait!

On the evening of 23rd March, the UK Government announced new restrictions to control the impact of COVID-19.   Scammers are using the current pandemic as a means to steal your information.  There have been reports of phishing campaigns surrounding the COVID-19 Situation and we need your help to keep you and the business safe.  E-mails may be related to protection against COVID-19 pretending to be legitimate health organisations.

These e-mails may: 

  • Ask you to disclose personal information
  • Ask you to confirm your account details
  • Ask you to perform an action such as click links
  • Ask you to pay for services or products
  • The e-mail may be an attempt to steal Information.


If in doubt, please contact  

  • If you suspect you have received a phishing email please report it to the service desk on 023 8065 6000.
  • In the event that you have clicked a link which you are unsure of, immediately disconnect your machine from the network and report it to the service desk.

Did you know that the most popular form of cyber attack is through phishing emails?  So, what is a phishing email?  It’s an email that is designed to extract information from you.  It may convey a sense of urgency to get you to respond.  It could also be seemingly sent by someone senior within Carnival UK or our sister brands who you feel you must respond to straight away.  However.  STOP!  Ask yourself… would an Executive member really email you directly to ensure your personal information was up to date?  Some phishing emails can look really convincing, they may even use corporate logo’s, or seem to come from someone you know.

Here are some points to consider if you receive an email you are unsure about:

  • Check the sender’s email address – is it correct? Or is there a subtle difference?
  • Am I expecting this email?
  • Do I know the person?
  • Is this a change of topic from the sender? (Had we been talking about something completely different to the email they have just sent me?)
  • Has the email I’ve been sent asked me to review a document or click on a link?
  • Are there grammatical errors in the email?
  • Are you being asked to confirm or provide personal information – about yourself, a colleague or a Guest?
  • If you are unsure about the email, or you aren’t expecting this kind of email from the sender – contact the sender to confirm face to face or over the phone if they have sent it.
  • When working from home, consider your surroundings when using video conferencing, ensure nothing sensitive in nature is visible

If you are in any doubt over the legitimacy of an email please contact:

In addition to the above points, if it’s an email to your personal email address, also consider:

  •  Are you being told you have won a huge amount of money! (Not to burst your bubble – but it’s unlikely… so check out the validity of the email before being quick to respond.)
  • Is your bank asking you to confirm your information? (Your bank would never ask you to confirm details over email – always phone your bank to check if you are unsure if the email is legitimate.)
  • Is the email trying to blackmail you?  Is a threatening tone of voice being used in the email?  For example, a recent case showed an email which stated “You have been identified as using various adult sites, we are aware of your passwords and if you don’t pay us ‘X’ amount of money in bitcoin we will report you to all of your contacts in your contacts list.”  
Like Love Haha Wow Sad Angry