An SMS phishing campaign is telling people they’ve come into contact with someone who’s contracted COVID-19, Computing reports. The UK’s Chartered Trading Standards Institute (CTSI) warned that the text messages try to scare recipients into handing over their personal information.
“Someone who came in contact with you tested positive or has shown symptoms for Covid-19 & recommends you self-isolate/get tested,” the messages say.
The messages contain a link to a website that asks the user to enter personal details. The scammers then use this information to attempt to commit identity theft or break into victims’ bank accounts.
The UK is testing a contact-tracing app on the Isle of WIght and plans to release the app nationally later this year. CTSI’s Lead Officer Katherine Hart said these types of scams can be expected to increase as contact-tracing apps are rolled out.
“We have witnessed a surge in COVID-19-related scams since lockdown began,” Hart said. “This evidence is yet another example of scammers modifying their campaigns as the situation develops. I am especially concerned that scams themed around the contact tracing app are already appearing, even though the official NHS app has only been released in a limited testing phase on the Isle of Wight. These texts are a way to steal personal data and may put the bank accounts of recipients at risk. If anyone receives texts or other kinds of messages like this, they should not click on any accompanying links, and report them to Action Fraud.”
People are more likely to pay attention to these scams since they take advantage of plausible scenarios that could happen to anyone. The scams are even more compelling because people are concerned about their health and the safety of their loved ones. New-school security awareness training can teach your employees to remain calm and level-headed when faced with scams designed to scare them.
Computing has the story: https://www.computing.co.uk/news/4015186/trading-standards-warns-nhs-contact-tracing-phishing-scam
Don’t get hacked by social media phishing attacks!
Many of your users are active on Facebook, LinkedIn, and Twitter. The bad guys use these platforms to scrape profile information of your users and organisation to create targeted spear phishing campaigns in an attempt to hijack accounts, damage your organisation’s reputation, or gain access to your network.
KnowBe4’s Social Media Phishing Test is a complimentary IT security tool that helps you identify which users in your organisation are vulnerable to these types of phishing attacks that could put your users and organisation at risk.
Here’s how the Social Media Phishing Test works:
- Immediately start your test with your choice of three social media phishing templates
- Choose the corresponding landing page your users see after they click
- Show users which red flags they missed or send them to a fake login page
- Get a PDF emailed to you in 24 hours with your percentage of clicks and data entered
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/social-media-phishing-test-partner?partnerid=001a000001lWEoJAAW