Skip to main content

Explains how to identify genuine communications from our contact tracing team.

Part of:
First published:
15 June 2020
Last updated:

The aim of contact tracing is to protect your health and support the ongoing work to control the spread of coronavirus. It is not about enforcement or surveillance. The data you provide is in the interests of protecting your own health and the health of others.

In supporting the NHS Wales Test, Trace, Protect service to deliver contact tracing in Wales, you should remain vigilant for any signs of cyber security, spoofing, phishing or fraud. You will only be contacted through the service if you have received a positive test for coronavirus or if you have been identified as a contact of someone who has tested positive.

All contacts from the NHS Wales Test Trace Protect Services will come from dedicated numbers or emails, further information on which is included in these pages:

Contact tracing: if you’ve tested positive 

Contact tracing: if you’re a confirmed contact

You will not be asked for any financial information, bank details, passwords or any other data other than information covered in these pages. If you have any doubts then you should not provide the information.

A contact tracer will never:

  • ask you to dial a premium rate number to speak to them (for example, those starting 09 or 087)
  • ask you to make any form of payment or purchase a product or any kind
  • ask for any details about your bank account
  • ask for your social media identities or login details, or those of your contacts
  • ask you for any passwords or PINs, or ask you to set up any passwords or PINs over the phone
  • disclose any of your personal or medical information to your contacts
  • provide medical advice on the treatment of any potential COVID-19 symptoms
  • ask you to download any software to your PC or ask you to hand over control of your PC, smartphone or tablet to anyone else
  • ask you to access any website that does not belong to the Government or NHS
  • If you think you have been sent a scam message, please report it to Action Fraud.
  • If you receive an email which you are not quite sure about, you can forward it to the National Cyber Security Centre’s Suspicious Email Reporting Service (SERS) by e-mailing report@phishing.gov.uk.
  • To report a spam text, forward the message to Ofcom’s spam texting service on 7726.

Share this page