Update (31/8): Newer Vaccine Booking Site
I’d recommend booking using the website linked below instead of the nswhvam one as it’s easier to navigate, has faster registration, and is less of a headache to use.
Instead of forcing you to cycle through different clinics and dates for the second dose on nswhvam, this one automatically loads the second vaccine date and lets you know if there’s appointment date/time slots available.
I’ve written about covid vaccine scams before: but now there’s a vaccine booking site for people in NSW that people claim allow them to skip the queue.
With Sydney-siders facing lockdown for (at least) another month, most people are clambering to get vaccinated as soon as possible.
The info on the Service NSW states that:
Clearly, info from Service NSW (arguably the most reputable government source) should be the most accurate: vaccine bookings are done via the official vaccine eligibility checker, so other websites are likely scams or phishing attempts.
As such, it’s not surprising that COVID vaccine booking websites that allow younger Australians to “skip the vaccine queue” being shared on social media are (rightfully) met with skepticism.
In July, Sydney Morning Herald reported on general confusion surrounding these links: as it turned out, “some” of these links are actually legitimate (the article fails to provide links to the apparently legitimate vaccine website(s) in question).
Scamwatch, which is run by the Australian Competition and Consumer Commission, received 108 reports mentioning COVID-19 vaccinations in June but, after investigation, 101 of those were shown to be about “legitimate” information and websites.
It is unclear how the links have become publicly accessible, but it is believed some are intended for healthcare workers and their families or other eligible groups.‘Jab confusion: Genuine vaccination information mistaken for scams’, Sydney Morning Herald
Nab Your Jab: on the “Secret” Vaccine Booking Website
The vaccine booking website mentioned is this:
While it does end with an official ‘health.nsw.gov.au’ domain URL section, I immediately understood the skepticism once I opened the site myself.
Let’s look into the reasons why it looks suspicious:
1. Blurry NSW Government Logo Image
A blurry logo is usually indicative of a phishing website (the same applies to scam emails). The lower-resolution NSW government logo stood out: after a quick browse, I found that the main NSW health website uses a similarly blurry version:
In contrast, the NSW government’s COVID 19 informational site uses a distinctly higher resolution image of the logo:
2. Lack of Website Footer Navigation
The lack of consistency in the footer of the website didn’t do it any favors either: usually, anything deviating from what’s expected visually (based on other government websites) is logical cause for suspicion.
While the nswhvam website contains links to NSW health and ServiceNSW, it lacks the standardised website footer navigation panel:
3. Suspicious Domain URL
Prior to using the ‘.health.nsw.gov.au’ domain, previous links to the booking website appeared less legitimate. These included:
- https://nswhcovidcheckin.powerappsportals.com/anonymous-registrations/?LocationRegCode=RAN-CoVax (source)
- https://nswhvam.service-now.com/vam?vaccine_center=3075676P (source)
A suspicious domain is arguably the biggest indicator of a phishing/scam website, so it’s likely what was ringing alarms in people’s heads before the ‘health.nsw.gov.au’ URL was shared.
4. Email Confirmation Domain
Another cause for suspicion appears during the sign-up process: the verification email is sent not from a ‘health.nsw.gov.au’ or even’ .gov.au’ domain – instead, it comes from a ‘service-now.com’ domain:
While I’ve gone over the reasons why the website seems suspicious, I do believe there’s good reason that it is in fact legitimate. The ‘health.nsw.gov.au’ domain is the first sign of legitimacy.
The Daily Telegraph reported on nswhvam in this article (behind a paywall) includes a link to the booking portal at the end of the article. Here’s a link to the article if you don’t have a Daily Telegraph subscription. It’s unlikely that a major news outlet would link incorrectly to a scam/phishing website – especially considering it’s almost two weeks old.
In addition, earlier this week major news outlets reported on a helpful tool called covidqueue that notifies you when vaccine booking times are available for clinics of your choice. This website likewise directs you to the nswhvam booking website to sign in and make a booking when an availability pops up. (Note: the server seems overwhelmed with traffic periodically – it loaded 2 out of 5 days I tried accessing it).
I’ve also located a reddit post of people questioning the legitimacy of the site titled ‘Scam covid vaccination site?’ (questioning the link shared with the ‘powerappsportals.com’ domain. Replies to the post either agree that it seems suspicious or confirm that it is a legitimate site that they booked and confirmed with the vaccination program hotline.
I’ve made my Pfizer bookings through the site. I’ve also spoken to people who confirm that they’ve made bookings which they’ve received vaccines from.
While I have read online of people who were turned away when they turned up at their appointment due to being ineligible, it depends on the clinic as to how strict their screening process is (strict: Sydney Olympic Park, not as strict: Westmead/Blacktown).
Edit (27/8): It’s also officially linked to on the NSW health website here.