Scam text ‘warning’ people they have been close to a person with COVID-19 targets British public ahead of national rollout of NHS contact-tracing app
- Bogus text message says someone in close contact tested positive for the illness
- The message contains a link that prompts the victim to enter their bank details
- The app is being trialled on the Isle of Wight before a full roll out later this month
Scammers are sending text messages that impersonate the NHS’s new contact tracing app before it has even been released.
Deceptive texts seen by the Chartered Trading Standards Institute (CTSI) tell people they have been in contact with someone who has tested positive for the virus.
The scam text reads: ‘Someone who came in contact with you tested positive or has shown symptoms for Covid-19 & recommends you self-isolate/get tested.’
The messages contain a link to a bogus website that asks for personal details, which are used by scammers to gain access to bank accounts and commit identity fraud.
The UK’s contact-tracing app is currently being trialled on the Isle of Wight, ahead of a roll out to the rest of the country some time this month.
But experts fear that more scams that impersonate the contact tracing app will appear once it is released nationally.
Scroll down for video
Example of a bogus text claiming a person has been in contact with someone who has tested positive for COVID-19. The message contains a dangerous link that prompts victims to enter their bank details
‘I am especially concerned that scams themed around the contact tracing app are already appearing, even though the official NHS app has only been released in a limited testing phase on the Isle of Wight,’ said Katherine Hart, lead officer at CTSI.
‘This evidence is yet another example of scammers modifying their campaigns as the situation develops.
‘These texts are a way to steal personal data and may put the bank accounts of recipients at risk.’
Anyone who receives texts or other similar messages should not click on any accompanying links and report them to Action Fraud, Hart said.
The NHS rolled out the new coronavirus track-and-trace app across the Isle of Wight on May 5 as a test before a full roll out.
The app for iOS and Android asks users to log whether or not they symptoms and uses Bluetooth to keep track of other phones it has come into contact with.
If someone logs symptoms of COVID-19 in the app, alerts will be sent to users of phones that have been in ‘significant contact’ with them, which will ultimately help trace the spread of the illness around the country.
But this new scam method sent to phone users shows the contact tracing app is already being imitated by fraudsters before its general release.
The NHS contact-tracing app is being trialled on the Isle of Wight before a full roll out in the UK
The messages appear as though they were sent by an official source associated with the app, directing recipients to a website for more information.
But the link actually attempts to gain bank account details to transfer and withdraw money, as well as other personal information such as names and addresses.
This additional personal information makes it easier for the scammer to conduct forms of identify fraud, such as false loan applications or false credit card accounts, which have a lasting impact on the victim’s credit rating.
Hart said CTSI has witnessed a surge in COVID-19-related scams since lockdown began near the end of March.
Action Fraud, the national reporting service for fraud and financially-motivated cyber crime, reports that COVID-19 scams have already stolen more than £2 million.
The National Cyber Security Centre (NCSC) recently said it had received more than 160,000 reports of suspicious emails within two weeks of launching a new scam-busting service, many of which were related to Covid-19.
A screenshot of the real NHS contact tracing app. Large numbers of the public downloading and using the NHS contact tracing app will help save lives and could get the UK out of lockdown
Last month, internet security company Kaspersky has uncovered malware hiding in a hoax copy of the NHS website to capitalise on people seeking coronavirus health advice.
Once unsuspecting visitors click links on the site, malware was able to steal passwords and credit card data from their internet browser, which was then being sent to cyber criminals.
Kaspersky has acknowledged an increase in scam attempts during the course of the pandemic, especially those with fake coronavirus advice.
The company saw a 43 per cent growth in these sorts of attacks between January and March as coronavirus infection rates climbed.
Source: Read Full Article