Seriously, stop sharing your vaccine cards on social media

He argued that it would be difficult to deceive him based on anything listed on the card: “What scam are you going to do to me just for knowing my name and my birthday? Unless you sign up for free ice cream on my birthday and not me give, in that case, yes, this is very serious. ”

But it’s not just his birthday that is listed. The card showed clinically sensitive information, including the vaccine batch number, the location of the clinic and the brand of vaccine received. And for some people, the card contains even more.

As the Covid vaccine is released to more people across the country, I lost track of how many vaccine information cards I saw on social media and chat apps. While selfies are encouraged as a way to express joy at being vaccinated and convey that people are doing their part to help stop the spread of Covid-19, several government agencies have warned of the risks of posting vaccine card images online.

“Think of it this way – identity theft works like a puzzle, made up of pieces of personal information. You don’t want to give identity thieves the pieces they need to finish the image,” the Federal Trade Commission said in a blog last month. “Once identity thieves have the pieces they need, they can use the information to open new accounts in your name, apply for tax refunds for themselves and get involved in another identity theft.”

Cybersecurity experts said they were not aware of any widespread hacks or specific scam for vaccine cards – although the roots of identity theft are difficult to discover. But some also said that these security threats would be easy to carry out.

For now, it’s mostly “speculation, but plausible,” according to Mark Ostrowski, chief engineering officer at cybersecurity company Check Point Software. “We will have hundreds of millions of people being vaccinated. If the history of cyber attacks is repeated, these threat agents or scammers will try to find a way to take advantage of this situation.”

At the same time, there has been a series of scams from Covid-19, ranging from people pretending to be Covid-19 contact trackers to fake websites that promise vaccine appointments.

Many of us (perhaps my included editor) may be insensitive to the risks given the amount of information we assume is already available online about us – whether because we post it ourselves, were collected from public data or because it was discarded as part of a breach of previous security. But Rachel Tobac, an ethical hacker specializing in social engineering, said that one of the biggest concerns around the vaccine card trend is that the information is visible in one place and easily accessible.

“Posting an unedited vaccination card, unfortunately, makes it much easier for a criminal to target a specific person,” she said. In some cases, a person’s medical record number is listed on the card. “To have access to confidential medical records over the phone, all you need is a medical record number, last name and date of birth – all listed on the vaccination card – to authenticate me as that individual and gain access to sensitive details.”

A cybercriminal can try to impersonate you and call your health care provider to find out about your medical history or diagnoses, cancel future procedures, change prescribed doses, and more.

With or without the medical record number, she said, vaccination cards can also allow a hacker to conduct a phishing scam to steal data and passwords. With the batch number of the vaccine you received or the location of the place where you were vaccinated, they could spoof that facility’s email address with a message about, for example, a remember to ask you to click on a link, supposedly to reschedule an updated dose, but actually with the intention of getting information from you.

This does not mean that you should ignore any e-mails you receive about the vaccine, but it is a good reminder to be careful with the links you click on any e-mail on any subject and to make sure that the sender is the one who says to be.

People who are more in the public eye, be they influencers, celebrities or journalists like my editor, have a greater threat of this because criminals are more likely to attack them. Stealing your free scoops of ice cream on their birthday would be just the beginning.

“There are all kinds of issues related to potential identity theft,” said Michela Menting, director of research specializing in cybersecurity at technology consulting firm ABI Research. “Individuals should be just as cautious when posting vaccine registration information as they would be when posting their credit card numbers online.”

My editor says he only posted his vaccine card online because it was shared privately with his followers, but security experts have long said that the people most likely to commit identity theft are friends and family.

This does not mean that people should restrain the celebration of the vaccine on social networks. Safer options include cutting out details on a card or opting for a selfie. Some vaccine websites are distributing stickers, much like the ones voters receive in election day polls. Taking a photo using the sticker conveys the same message without the risk of security.

.Source

Share this:

Related