Seriously, stop sharing your vaccine cards on social media

by



[ad_1]

He argued that they would be hard-pressed to fool him based on everything listed on the card: “What scam are you going to throw at me just knowing my name and birthday? Unless you sign up? to free scoops of ice cream on my birthday and don’t give them to me, in which case, yes, that’s very serious. ”

But it wasn’t just her birthday that was listed. The map showed medically sensitive information, including its vaccine lot number, the location of the clinic and the brand of vaccination received. And for some people, the map has even more.

As the Covid vaccine rolls out to more people across the country, I’ve lost track of how many vaccine information cards I’ve seen on social media and apps from cat. While selfies are encouraged as a way to express the joy of being vaccinated and to broadcast that people are doing their part to help stop the spread of Covid-19, several government agencies have warned of the risks of posting online vaccine card images.
“Think of it this way – identity theft works like a puzzle, made up of pieces of personal information. You don’t want to give identity thieves the pieces they need to finish the picture.” , the Federal Trade Commission said in a blog post. last month. “Once identity thieves have the documents they need, they can use that information to open new accounts in your name, claim your tax refund for themselves, and engage in other theft. ‘identity.”

Cyber ​​security experts said they were unaware of widespread vaccine card-specific hacks or scams – although the roots of identity theft are difficult to uncover. But some have also said that these security threats will be easy to execute.

For now, it’s mostly “speculation but plausible,” according to Mark Ostrowski, engineering manager at Check Point Software, a cybersecurity company. “We will have hundreds of millions of people vaccinated. If the history of cyber attacks repeats itself, these threat actors or con artists will try to find a way to take advantage of this situation.”

At the same time, there have been a number of Covid-19 scams, ranging from people claiming to be Covid-19 contact tracers to fake websites promising vaccine appointments.
Many of us (perhaps my editor included) may be insensitive to risk given the amount of information we assume already available online about us – either because we published it ourselves, it was. collected from public data or because it was emptied as part of a previous security breach. But Rachel Tobac, an ethical hacker specializing in social engineering, said one of the biggest concerns about the vaccine card trend is that the information is visible in one place and easy to access.

“Viewing an unedited vaccination record, unfortunately, makes it much easier for a criminal to target a specific person,” she said. In some cases, a person’s medical record number is written on the card. “To access sensitive medical records over the phone, I only need the medical record number, name and date of birth – all of which are on the vaccination record – to authenticate myself as that person. and have access to it. sensitive details. “

A cybercriminal might try to impersonate you and call your healthcare company to find out more about your medical history or diagnoses, cancel upcoming procedures, change prescription doses, and more.

With or without the medical record number, she said, the vaccination cards could also allow a hacker to run a phishing program to steal data and passwords. Along with the lot number of the vaccine you received or the location of where you received the vaccine, they could spoof that facility’s email address with a message on, for example, a remember urging yourself to click on a link, supposed to reprogram an updated dose, but really meant to take information from you.

This doesn’t mean that you should ignore the emails you receive about your vaccine, but it is a good reminder to think about which links you click with any email on any subject. and make sure the sender is who they say they are.

People who are more in the public eye, whether they are influencers, celebrities or journalists like my editor-in-chief, are more at risk because criminals are more likely to target them. Stealing their free scoops of ice cream on their birthday would just be the start.

“There are all kinds of issues with potential identity theft,” said Michela Menting, cybersecurity research director at technology market consultancy ABI Research. “Individuals should be as careful about posting information on immunization records as they would be about posting their credit card numbers online.”

My publisher maintains that he only released his vaccine card online because it was shared privately with his subscribers, but security experts have long said those most likely to steal from identity are friends and family.

That’s not to say people should put the brakes on celebrating the vaccine on social media all together. More secure options include cropping the details on a card or choosing a selfie instead. Some vaccination sites distribute stickers, much like the ones voters receive at the poll on polling day. Taking a photo while wearing the sticker conveys the same message without a safety risk.

[ad_2]

Source link