Ever since the unfortunate outbreak of COVID-19 (Coronavirus), hackers have taken to the Internet to exploit the pandemic in clever ways. Such methods have trickled down to spoofing trusted and well-known entities, including the Better Business Bureau in the recent weeks. Such an action has involved hackers distributing a text message that attempts to steal data from unsuspecting computer users or mobile device users. What happens is, a text message is circulated, impersonating official agencies to steal the recipient's sensitive information.
The Better Business Bureau mentioned most official agencies would not send text messages that read the following:
"Someone who came in contact with you tested positive or has shown symptoms for COVID-19 and recommends you self-isolate/get tested." The text message also includes an unofficial link deployed by the scammers behind it.
If users receive a text with similar content, they should avoid clicking on the link. That could lead to a malware infection on your device. If the link is clicked, the device should be scanned for malware. Below is an actual image of the text message scam where the provided malicious link is blacked-out. Those who may receive such a text message should avoid clicking on the link at all costs and proceed to delete the message and block the sender if such an option is available.
Actual image of BBB COVID-19 text message scam
The scammers may call their victims, so it is not likely there will be messages on social media, according to the Better Business Bureau (BBB). Receiving such a message means users should contact law enforcement to make them aware of the scam. Getting the information on the fraud out is essential, since that may help other potential victims.
How Does the Scam Work?
Users receive a text message that appears to imitate official communication from the US Federal government. Scammers often impersonate the US Department of Health and Human Services, but other organizations may be used as cover. The message usually refers to a "mandatory online COVID-19 test" and sends the user to another website. Some scam cases have shown users receiving messages asking recipients to complete a bogus census or online applications to get an alleged stimulus check. Spotting a COVID-19 scam requires being on the lookout for the following telltale signs:
- Government agencies do not usually communicate via text messages.
- Ignore instructions to text STOP or NO to prevent future texts. That may be a ploy by scammers to confirm they're dealing with an active phone number.
- If you have reason to believe the message may be credible, ensure it's coming from an official phone number listed on the website of the actual agency.
- Check for signs of imitation. Ensure you research the agency in question and whether the organization exists. Find contact info of your own and see whether the person messaging you exists or whether this is a case of a fake identity being used to scam people.