Is Your Vaccine Card Selfie a Gift for Scammers? Maybe

So you finally got a Covid-19 vaccine. Relieved, you take a photograph of your vaccination card, showing your name and birth date and which vaccine you had, and publish it on social media.

But some experts are warning that the information on the celebratory photo might make you vulnerable to identity theft or scams.

“Unfortunately, your card has your full name and birthday on it, as well as information about where you got your vaccine,” the Better Business Bureau said last week. “If your social media privacy settings aren’t set high, you may be giving valuable information away for anyone to use.”

On Friday, the Federal Trade Commission followed suit: “You’re posting a photo of your vaccination card on social media. Please — don’t do that!” it warned bluntly. “You could be inviting identity theft.”

Scammers can sometimes figure out most digits of your Social Security number by knowing your date and place of birth, and can open new accounts in your name, claim your tax refund for themselves, and engage in other identity theft, said Maneesha Mithal, associate director of the Federal Trade Commission’s Division of Privacy and Identity Protection.

“Identity theft is like a puzzle, made up of pieces of personal information,” Ms. Mithal said. “You don’t want to hand over to identity thieves the pieces they need to complete the picture. One of those pieces is your date of birth.”

But even as experts warn to hold off on sharing your card, if you’ve noted your birthday anywhere else online — which most people probably have — it’s likely that the information you’re giving up has already been made available through other means.

Avivah Litan, a senior analyst at the research firm Gartner, said many Americans were vulnerable because of multiple data breaches.

“Basically the criminals already have pretty much everybody’s last name, first name and date of birth,” Ms. Litan said. “There have been so many hacks over the past 10 years. If all they are looking for is my name and birthday, they have it.”

Scammers and identity thieves often collect information gradually, scrubbing social media posts to curate a file on a person’s life, including education, employment and vacation spots. Publishing a birth date hands over one of your most important personal tidbits.

While a name and date of birth is not all an identity thief would need in most cases to steal your identity, putting those details in plain sight makes it easier.

“Scammers are looking for whatever personal identification information they can get from you — any type of information to build a profile,” said Curtis W. Dukes, an executive vice president of the Center for Internet Security.

A scammer could exploit the anxiety over vaccine shortages or a slow distribution process by masquerading as a government official claiming to need a credit-card number to reserve another dose or booster, Mr. Dukes said.

In such a “highly charged” atmosphere of shortages, people “may fall for that and may give up their credit cards or maybe other bits of information,” he said.

Ms. Litan said: “At a minimum it will give the bad actors a jump start in knowing who got vaccinated. So they can use it for scam purposes to socially engineer me to pay them for a booster shot that I will never get, or use it for valid commercial purposes that bypass normal U.S. regulatory structures”.

The pandemic and its fears, she said, has created the perfect environment for that.

“This is all highly emotional stuff,” she said. “This is what hackers and phishers look for.”

Source Article

Next Post

Ames budget hearings show departments' highs and lows of 2020

Sat Feb 6 , 2021
Danielle Gehr   | Ames Tribune After three days of budget hearings, the Ames City Council will make final budget decisions for the fiscal year 2021/2022 Tuesday.  The council finished up three back-to-back meetings which encompassed seven hours of city departments sharing the last year’s accomplishments, future projects and how they faired […]

You May Like