Scammers Exploit Rollout of COVID-19 Contact-Tracing Apps

Portrait young angry woman with glasses unhappy, annoyed by something on cell phone while texting receiving bad sms text message isolated grey wall background. Human face expression emotion reaction An SMS phishing campaign is telling people they’ve come into contact with someone who’s contracted COVID-19, Computing reports. The UK’s Chartered Trading Standards Institute (CTSI) warned that the text messages try to scare recipients into handing over their personal information.

“Someone who came in contact with you tested positive or has shown symptoms for Covid-19 & recommends you self-isolate/get tested,” the messages say.

The messages contain a link to a website that asks the user to enter personal details. The scammers then use this information to attempt to commit identity theft or break into victims’ bank accounts.

The UK is testing a contact-tracing app on the Isle of WIght and plans to release the app nationally later this year. CTSI’s Lead Officer Katherine Hart said these types of scams can be expected to increase as contact-tracing apps are rolled out.

“We have witnessed a surge in COVID-19-related scams since lockdown began,” Hart said. “This evidence is yet another example of scammers modifying their campaigns as the situation develops. I am especially concerned that scams themed around the contact tracing app are already appearing, even though the official NHS app has only been released in a limited testing phase on the Isle of Wight. These texts are a way to steal personal data and may put the bank accounts of recipients at risk. If anyone receives texts or other kinds of messages like this, they should not click on any accompanying links, and report them to Action Fraud.”

People are more likely to pay attention to these scams since they take advantage of plausible scenarios that could happen to anyone. The scams are even more compelling because people are concerned about their health and the safety of their loved ones. New-school security awareness training can teach your employees to remain calm and level-headed when faced with scams designed to scare them.

Computing has the story: https://www.computing.co.uk/news/4015186/trading-standards-warns-nhs-contact-tracing-phishing-scam

Don’t get hacked by social media phishing attacks!

Many of your users are active on Facebook, LinkedIn, and Twitter. Cybercriminals use these platforms to scrape profile information of your users and organization to create targeted spear phishing campaigns in an attempt to hijack accounts, damage your organization's reputation, or gain access to your network.

KnowBe4’s Social Media Phishing Test is a complimentary IT security tool that helps you identify which users in your organization are vulnerable to these types of phishing attacks that could put your users and organization at risk.

Here's how the Social Media Phishing Test works: