COVID Feature: COVID-19 Contact Tracing

Binary data with the word IDENTITY appears in the shadow of a hand. Concept for digital crime. Blue toned image.

Perhaps you’ve heard about COVID-19 contact tracing. (If you’re out of a job, you might want to look into it. Many states are hiring for this position.) The CDC explains that contact tracing is one part of a multiprong approach to fighting the spread of the coronavirus in addition to washing hands and social distancing. Unfortunately, there are quite a few fraudsters using contact tracing to commit COVID-19 fraud.

Right now, there is a big push for educated and trained staff to work with coronavirus patients to identify who they have been in contact with while contagious. Tracers are responsible for contacting those potentially infected people to inform them of their risk and provide instruction on what to do. Many states are notifying these individuals through text alerts that include instructions to call contact-tracing hotlines.

While contact tracing will definitely help reduce the spread of COVID-19, scammers are using SMS text messages to mislead people. Scammers typically include a link in their spam text messages. (Whatever you do, don’t click on it.) Those links could download malware or lead you to a phishing page that asks for your personal data or a password.

The Federal Trade Commission (FTC) warns that a typical SMS scam reads, “Someone who came in contact with you tested positive or has shown symptoms for COVID-19 & recommends you self-isolate/get tested.” Then the message directs the victim to learn more by tapping a URL. Sometimes, malicious texts direct you to call a fake hotline where you are prompted to enter in your personal information.

To avoid being the victim of COVID-19 fraud, consider the following tips so you can tell the difference between an official contact-tracing program and a scam:

  • Legitimate health department contact tracers will never ask for your Social Security number, credit card details, or financial information. They also won’t ask you to send money or perform any type of transaction.
  • Contact tracing scams confuse text recipients by introducing a new challenge such as downloading a link, then compel the user to act by submitting personal information. (Considering our current pandemic, you can understand how someone might fall for the trick and click on the link with the hopes of finding more information on what to do.)
  • Set up two-factor authentication on every online account you have. While a hacker may get one of your passwords, two-factor authentication will make it very difficult for fraudsters to obtain access.
  • Update your software and operating systems regularly to prevent downloading malware.
  • Use filters and blocking services to prevent being inundated with junk calls and texts.

Today’s Fraud of the Day comes from an article, “Don’t Be Fooled by Covid-19 Contact-Tracing Scams,” published by Wired on May 25, 2020.

THE COVID-19 PANDEMIC has created prime conditions for scams. From phishing attacks to unemployment fraud, attackers have put new, more exploitative twists on their classic hustles. And now the Federal Trade Commission is warning that those fraudsters have designed scams around state contact-tracing initiatives.

You’ve probably heard a lot about contact-tracing mobile apps, but state health departments have also been ramping up manual programs staffed by trained volunteers. The idea is to “trace” people who have been in contact with someone who has tested positive for Covid-19, and advise all those who may have been exposed to quarantine strictly at home and monitor for possible symptoms. For all of this to work, contact tracers need to get in touch with lots of potentially impacted people, and many states are sending text alerts to call contact-tracing hotlines. But given that scammers are already adept at blasting out misleading SMS text messages, contact-tracing communications have become a compelling communication to co-opt for fraud.



Previous articlePrescription for Fraud
Next articleScanning for Medicare Fraud

Larry Benson, Senior Director of Strategic Alliances, LexisNexis Risk Solutions - Government

Larry Benson is responsible for developing strategic partnerships and solutions for the government vertical. His expertise focuses on how government programs are defrauded by criminal groups, and the approaches necessary to prevent them from succeeding.

Mr. Benson has 30 years of experience in sales and business development. Before joining LexisNexis® Risk Solutions, he spent 12 years founding and managing two software technology startups. During the 1990s he spent 10 years as a Regional Director helping to grow a New England-based technology company from 300 employees to 7,000. He started his career with Martin Marietta Aerospace working on laser guided weapons and day/night vision systems.

A sought-after speaker and accomplished writer, Mr. Benson is the principal author of “Fraud of the Day,” a website dedicated to educating government officials about how criminals are defrauding government programs. He has co-authored WTF? Where’s the Fraud? How to Unmask and Stop Identity Fraud’s Drain on Our Government, and Data Personified, How Fraud is Changing the Meaning of Identity.

Benson holds a Bachelor of Science in Physics from Albright College, and earned two graduate degrees – a Master of Business Administration from Florida Institute of Technology, and a Master of Science in Engineering from Lehigh University.