Scam Alert: New NHS Prescription Phishing Scam Sweeping Inboxes

 

It’s the start of the week, and scammers are already hard at work trying to exploit our trust in the NHS. We’ve seen a surge in a particular phishing email today that claims to offer a "simple" way to order NHS prescriptions online.

While the NHS does offer legitimate digital services, this specific email is a malicious scam designed to steal your personal information or financial details. Here is what you need to look out for.

---

The Anatomy of the Scam

The email, which often carries the subject line "TR: Save Time on NHS Medications IT," looks professional at a quick glance, but several red flags reveal its true nature:

• Suspicious Sender Address: The email claims to be from "UK Pharmacy Subscription Notice IT," but the actual email address is a random string of characters from a Hotmail account (avrom-158jerrold_145.carter@hotmail.com). Official NHS communications will always come from an @nhs.net or @nhs.uk domain.

• Vague Branding: While it mentions "NHS Prescriptions," the layout is generic. It lacks the official NHS logo, a registered pharmacy name, or a physical address—all of which are legal requirements for UK pharmacies.

• Urgency and Convenience: Phishing scams often use "Save Time" or "Register Now" buttons to rush you into clicking before you’ve had a chance to think.

• The "Unsubscribe" Trap: In many of these emails, even the "Unsubscribe" link is a trap used to verify that your email address is active, leading to even more spam.

---

Why is this dangerous?

If you click the "Register Now" button, you will likely be taken to a spoofed website that looks like an NHS login page. Scammers use these sites to harvest:

1. Your NHS login credentials.

2. Personal details (Name, DOB, Address).

3. Payment information for "delivery fees" or "pre-payment certificates."

---

How to Stay Safe

• Don’t Click: If you receive this email, do not click any links and do not download any attachments.

• Check the Sender: Always tap or click on the sender's name to see the full email address. If it’s a personal account (like Hotmail, Gmail, or Outlook), it is a scam.

• Use Official Channels: To order prescriptions online safely, always use the official NHS App or the website of a well-known, high-street pharmacy you trust.

• Report It: You can forward suspicious emails to the National Cyber Security Centre at report@phishing.gov.uk.

Stay vigilant and share this with friends or family members who might be less tech-savvy. Scammers rely on us being in a hurry—taking thirty seconds to check the sender's address can save a lot of heartache.

 

How to screen calls and avoid scams

You don’t need extra apps or technical know-how to fight scam calls, as your smartphone already has features designed to stop them.

If you own an Android, you can use Google Assistant to screen calls automatically. Similarly, iPhone users can try Apple's Call Screening feature. Our tech expert Tom Morgan talks you through how to do this, step by step – and he has tips for landlines, too.

If you'd benefit from 1-to-1 help with your smartphone or other tech products, you can join Which? Tech Support and chat to our friendly experts on the phone or by email, as often as you need. Find out more about what a membership offers and get a £20 Richer Sounds gift card if you join by 2 February. 

Source: Which? (22 Jan 2026)

Getting rid of a PC? Keep your data safe

If you're getting rid of an old Windows 10 computer, make sure you completely wipe your data. Otherwise, your personal files, passwords and photos could fall into the wrong hands.

We take you through the process of resetting your Windows 10 PC while keeping your files and data safe and secure – it's easier than you might think.

Source: Which? (21 Jan 2026)

Password reset emails: how to tell if they're genuine

Instagram users are receiving emails from the platform telling them to reset their passwords. And because users didn’t request password changes, the emails have prompted worry and confusion.

We investigated the emails and found this particular instance to be genuine. Our advice if you receive an email like this: log in to your account via the platform’s official website or app and change your password that way.

Source: Which? (22 Jan 2026)

Community Event: Tackling Violence Against Women and Girls in Slade Green

Community Event: Tackling Violence Against Women and Girls in Slade Green

 

The Bexley Community Safety Partnership (BCSP) is inviting all residents and regular visitors of Slade Green to a vital engagement forum focused on the safety of women and girls in our community.

This is a dedicated space for you to voice your concerns, ask questions, and hear directly from the people responsible for keeping our streets safe. Whether you have specific safety concerns or simply want to learn more about the work being done in your area, your presence is highly valued.

Event Details

• Date: Wednesday 28th January 2026

• Time: 5:00pm – 8:00pm

• Location: Orchard House, Orbit Hub, Slade Green, DA8 3PY

• Suitability: Families and children are more than welcome to attend.

Why should you attend?

This forum is a collaborative effort bringing together key local figures and organisations, including:

• The Police

• Bexley Council

• Local Services

• Your Ward Councillors

The evening is designed to be an open dialogue where you can obtain practical information and advice on gender-based safety, stay informed about ongoing local initiatives, and ensure that the voices of Slade Green residents are heard at a leadership level.

Find out more

For further information regarding the work being done to combat violence against women and girls (VAWG) in Bexley, please visit the official website: 👉 www.bexley.gov.uk/vawg

Scam Alert: Don’t Fall for the "Pharmac4U" Prescription Phishing Email

Scam alert: "Pharmac4U" Prescription Phishing Email

 

There is a new phishing email circulating in the UK targeting people who manage their NHS prescriptions online. Using the names of well-known services like Pharmacy2U, scammers are trying to trick patients into clicking a malicious "Register" button.

Here is what you need to look out for to keep your data safe.

The Red Flags: How to Spot the Fake

Looking at the screenshot provided, there are several immediate "tells" that this is a scam:

• The Sender Address: While the name says "Repeat Prescriptions UQ," the actual email address is a random Hotmail account (jecho_jed@hotmail.com). A legitimate NHS-affiliated service would use an official domain (e.g., @nhs.net or @pharmacy2u.co.uk).

• Inconsistent Branding: The header of the email says "Message from Pharmac4U," but the body text mentions "Pharmacy2U." This inconsistency is a major red flag; professional companies do not get their own names wrong.

• Generic Language: The email uses broad, generic phrases like "Skip the pharmacy queues." While Pharmacy2U is a real, registered service, scammers often "spoof" their name to gain your trust.

• The "Register" Button: This is the trap. Clicking this button likely leads to a fake website designed to harvest your name, address, date of birth, and potentially your GP details or payment information.

Why This Scam is Dangerous

Because many of us legitimately use online pharmacies to manage repeat prescriptions, an email like this can look "normal" at first glance. Scammers rely on us being in a hurry and clicking without checking the sender’s details.

How to Protect Yourself

1. Check the Sender: Always tap on the sender's name to see the full email address behind it. If it looks like a personal account or a string of random letters, delete it.

2. Go Direct: If you want to register for an online pharmacy, never click a link in an unexpected email. Instead, type the address directly into your browser (e.g., www.pharmacy2u.co.uk) or use the official NHS App.

3. Look for Typos: Misspellings like "Pharmac4U" are deliberate or careless mistakes that legitimate companies rarely make.

What to Do if You Receive This

• Do Not Click: Don’t click the "Register" button or any links within the email.

• Report It: You can forward suspicious emails to the Suspicious Email Reporting Service (SERS) at report@phishing.gov.uk.

• Delete: Once reported, delete the email and empty your trash folder.

Stay vigilant and share this with friends or family members who might be expecting a prescription notification!

Blue Badge Holders: Unlocking Free Passage Through Blackwall & Silvertown Tunnels (A Guide to the Exemption Process)

Let's be honest, navigating London's road charging schemes can feel like a labyrinth, and the new Silvertown Tunnel joining its older sibling, Blackwall, means even more to consider. For Blue Badge holders, there's a valuable 100% exemption available, but the application process can sometimes feel a bit… well, let's just say "unnecessarily complicated."

Many Blue Badge holders, or those who drive them, run into a snag trying to link the exemption to their existing London Road User Charging account. The common frustration? TfL's system is quite particular about whose name is on the account when applying for this specific discount.

The Golden Rule: The Blue Badge Holder is the Account Holder

Here's the crucial takeaway that often catches people out: The 100% discount for Blue Badge holders must be applied for through a London Road User Charging account set up IN THE NAME OF THE BLUE BADGE HOLDER.

It doesn't matter if you're the main driver, the spouse, or the family member managing all the household bills. For this specific exemption, TfL needs to see the Blue Badge holder's name as the primary account holder.

Why This Confusion Happens

Often, people try to add the Blue Badge holder's details as a "secondary user" or try to upload the badge onto an account already registered in someone else's name (e.g., the driver's). The system, designed to prevent fraudulent use of Blue Badges, sees this mismatch and will likely reject the application, asking for the details to be submitted by the main account holder – which isn't possible if the main account holder isn't the Blue Badge holder!

Your Step-by-Step Guide to a Smooth Application

To ensure a fuss-free exemption for the Blackwall and Silvertown tunnels, follow these steps:

1. If You've Already Applied Incorrectly:

   • You'll likely receive a rejection and a refund of the £10 registration fee. Wait for this to process. Trying to push it through will only delay things.

2. Create a BRAND NEW Account (in the Blue Badge Holder's Name):

   • Go to the official TfL London Road User Charging website.

   • Crucially, start a new registration process using the full name and date of birth of the Blue Badge holder. This is paramount.

   • You can use your own email address if you manage their affairs, but the personal details must match the Blue Badge.

3. Apply for the "Blue Badge 100% Discount":

   • Once the new account is active, navigate to the exemptions/discounts section.

   • Select the "Blue Badge" exemption.

   • Upload Clear Photos: You'll need to upload clear, legible photos of both the front and back of the Blue Badge.

   • Proof of ID: You'll also need to provide proof of identity for the Blue Badge holder (e.g., passport, driving license). Ensure the name on the ID matches the Blue Badge and the new account.

   • Pay the £10 Registration Fee: This is a one-off fee, not an annual charge.

4. Register Your Vehicle(s):

   • Once the Blue Badge exemption is approved (TfL will notify you, usually within 10 working days, but sometimes quicker), you can register up to two vehicles on this account.

   • Add the vehicle(s) that the Blue Badge holder will be travelling in when using the tunnels.

   • Important: Once your vehicle(s) are linked to an active Blue Badge exemption, they will be recognised by the tunnel ANPR cameras as exempt.

5. Managing the Account (Optional):

   • If you're the primary driver or manager, you can add yourself as an "Authorised User" to the Blue Badge holder's account. This allows you to manage payments, check exemptions, and receive notifications.

   • If you had the exempt vehicle on your own Auto Pay account, it's a good idea to remove it once the Blue Badge exemption is confirmed. While the exemption should override any charges, it simplifies things and avoids potential confusion.

In Summary

While the system might seem a bit convoluted, remember that it's designed to protect the integrity of the Blue Badge scheme. By setting up the account directly in the name of the Blue Badge holder, you're aligning with TfL's requirements and paving the way for smooth, charge-free journeys through the Blackwall and Silvertown Tunnels.

there are several relevant links on the TfL website. Because the Blackwall and Silvertown tunnel charges are part of the same system as the Congestion Charge, you use the same "Blue Badge 100% Discount" application process.

----------------------------------------------------------------------------------------

The most important link for you is the "Before you begin" page, which explicitly states that an account must be in the Blue Badge holder's name.

1. The Main Application Page

• TfL: Blue Badge Discount – Before You Begin

  • Crucial Note from this page: "Before you apply for the Blue Badge discount, you need to set up a London Road User Charging account... in the name of the Blue Badge holder."

2. If You are Applying for Someone Else

If you are managing the account for the Blue Badge holder, TfL provides a specific page for "proxy" applications:

• TfL: Apply for Blue Badge Discount on behalf of someone else

  • This page includes the Authorisation Form you may need to download and sign if you want to be the one legally managing the account while keeping it in their name.

3. General Information on Tunnel Charges & Exemptions

• TfL: Paying the Blackwall and Silvertown Tunnels Charge

  • This page confirms that Blue Badge holders receive a 100% discount but must be registered with TfL to get it. It also explains that if you already have an active Blue Badge discount for the Congestion Charge, it will automatically apply to the tunnels.

Summary of What You Need to Upload:

When you create the new account in the Blue Badge holder's name and apply via the links above, you will need:

• Both sides of the Blue Badge.

• Proof of Identity (one of: Passport, Driving Licence, Birth Certificate, or a Pension/Benefit letter less than 7 months old).

• Authorisation Form (if you are the one applying on their behalf).

Tip: Once the new account is approved, you can add up to two vehicles to it. Once added, those vehicles are "whitelisted" by the cameras and you won't need to do anything else when driving through the tunnels.