By Pelle Waldron, Global Cyber Alliance
A text message alerting you that you have been in contact with someone who has tested positive for COVID-19 can be an immediate cause for concern — but the real danger may lie in the text itself.
According to a warning from the Federal Trade Commission (FTC), scammers posing as contact tracers are sending text messages containing links that, when clicked on, may cause malicious software to be downloaded onto your mobile device.
This type of text message scam is known as “smishing” and can potentially allow cybercriminals to access your personal and financial information.
As states begin to relax stay at home orders and social distancing measures, contact tracing serves as a “core disease control measure,” according to the Centers for Disease Control and Prevention (CDC). Public health staff work with patients to recall everyone they may have come into contact with and then reach out to those people to warn them of their potential exposure so that they can take necessary precautions.
A text message from a contact tracer may alert the recipient that they will soon get a phone call from a specific number; it will never ask you to click on a link or to provide personal information.
Smishing texts may closely mirror those sent from contact tracers. Usually the message is phrased in an urgent manner and encourages the recipient to click on a link for more information — that is where they differ from real texts from contact tracers, and by clicking on the link, you are putting your personal information at risk.
Smishing is one of many ways in which hackers and scammers have been taking advantage of the COVID-19 pandemic. We have covered various means of securing your devices and avoiding phishing scams, among other topics, which you can find on our Work From Home blog.
GCA’s Beyond Simple Passwords Toolbox in the Cybersecurity Toolkit for Small Business provides information and resources to help set up multi-factor authentication as an added layer of security to mitigate cyber risk. Backing up your devices frequently and updating them with the latest patches also serve as effective measures to increase the security of your systems.
And of course, being knowledgeable about what to look out for when it comes to these types of scams, especially during a time in which the world is adapting to new ways of conducting business, always serves as the front line of defense.
GCA’s Work From Home Campaign is a resource for more information on remote working, including step-by-step instructions for individuals and small businesses. We have been joined by 23 nonprofits in an effort to increase awareness about cybersecurity during this difficult time.
You can also visit the GCA Work From Home Community Forum for additional resources, where our security experts are on hand to answer your questions.