Imagine you’re having a quiet dinner with your family when you suddenly get a text message telling you you’ve been exposed to the Omicron variant of SARS-CoV-2. Moreover, you must pay for a COVID-19 PCR test right now or risk a hefty fine. Not the happiest scenario, right?
Naturally, you panic and rush to click the link in the message. But you shouldn’t. Instead, you should take a closer look at that message. Yes, exposure to the virus is no picnic and nobody wants to pay a fine, but health authorities will never ask for your financial information. Furthermore, in most countries, COVID testing in the public system is free. So why would anyone send you this message?
It’s simple. Even though it might look official, the message you just received is fake. It didn’t come from the authorities. Instead, it was sent by criminals trying to steal your financial information or infect your device with malware.
Thousands of people in the United Kingdom have reported fake NHS Test and Trace messages asking for financial information, login info or other personal data. In fact, according to Action Fraud, scams involving the virus have already cost victims more than £5 million.
Most recently the Cornwall Council has advised people to “think twice before clicking any links”:
“These texts can seem very genuine, but the NHS, government or Public Health Cornwall would never send messages like this from a mobile phone,” said Elizabeth Kirk, senior trading standards officer at the council. “The most important thing is to remember that the scammers want you to click a link. If you click the link, you could enable them to download malware, viruses or other nasties. It might also give them access to your passwords for internet banking or any other sites you access from your phone.”
Phishing for credit cards and personal information
Criminals impersonate members of domestic and international health authorities and target people with SMSs or e-mails including malicious attachments, links or redirects to breaking news regarding the spread of the virus.
Fake medical supply online stores
Malicious actors are taking advantage of supply shortages to establish fake online shops that sell medical supplies such as surgical masks, miracle cures, COVID tests and sanitizer. The criminals take payment but never deliver the supplies.
Snake oil sellers
Scammers are taking advantage of the general panic to promote and sell miracle treatments that allegedly prevent or cure COVID-19.
Fraudsters solicit donations for fake charities or organizations claiming to help individuals, groups or areas affected by the virus, or contribute towards developing a vaccine to fight the virus.
Malicious COVID apps
Criminals advertise mobile phone apps that track the spread of COVID-19, but the app is laced with malware that, once installed, steals personal information, sensitive data and financial details.
- A legitimate message from the authorities will never ask you to dial a premium rate number, make a payment, provide your bank details, offer remote access to your device or provide other personal information such as your social media identities or log in details.
- If you have not taken a COVID-19 test and you receive a message saying you have tested positive, it’s obviously a scam.
- Read the message carefully and watch out for grammar errors or misspelled words as they might indicate a fraud attempt
- Double-check any link you receive, and never enter credentials or financial information via links in messages
- Don’t fall for popups advertising miracle treatments
- Consider installing a security solution on your mobile device. Bitdefender Mobile Security for both Android and IOS protects you from falling victim to link-based mobile scams.