Expert Insight On Covid-19 Test & Trace SMS Phishing Attack

By   ISBuzz Team
Writer , Information Security Buzz | Jun 01, 2020 03:02 am PST

The NHS Test & Trace scheme is already being exploited by cybercriminals, with a new smishing (SMS-phishing) attack telling citizens that they have been in contact with someone who has COVID-19. An example of the text message is below. These kinds of fake text messages typically include a link to a malicious site, or will ask the receiver to share personal information that could then be used to commit identity fraud.

NHS has written specific guidelines on how they will contact people in the Test & Trace scheme, which can be found here.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Ben Tuckwell
Ben Tuckwell , District Manager, UK & Ireland
June 1, 2020 11:04 am

Fraudsters are known to thrive in times of crisis. With millions of people around the country working from home, in many cases distracted by young children, the truth is that they are sitting ducks for clever and timely phishing attacks. This particular smishing (SMS-phishing) attack makes great use of social engineering by exploiting the fact the track and trace services are making headlines and there is a general heightened sense of fear; in all likelihood, at least some people will be fooled into thinking that the text message is legitimate. Consumers can protect themselves by acting smart and pausing to consider each communication they receive, while remembering the three key smishing don’ts – don’t respond to texts from unknown or unusual numbers; don’t click on any links in text messages; and don’t share any banking information, usernames or passwords or other personal details after receiving a text message, unless you can verify who you are speaking with.

Last edited 3 years ago by Ben Tuckwell

Recent Posts

Would love your thoughts, please comment.x