Vaccine schedulers – SCAM OF THE MONTH

May 6th, 2021
Vaccine schedulers –  SCAM OF THE MONTH

Img-blog-vaccine-schedulers-scam-of-the-month-r1

Each month, we highlight REAL examples of tactics criminals are using RIGHT NOW to take advantage of you and your colleagues. We hope this will better prepare you when the next scam hits.

Marcie had been waiting patiently for her chance to get the Covid-19 vaccine. When her time finally came, and her first does was administered, she wanted to share her excitement on social media. Marcie snapped a selfie holding up her vaccine card. The card didn’t contain much information, just her name, date of birth, and vaccine details. She posted the picture online and shared it publicly, not just with her friends.

A week later Marcie received a call to book her second vaccine, but the scheduler said they need her government identification number and more personal information to complete the booking. Marcie obliged, not realizing she just gave away her information to a scammer.

Did you spot the red flags?

  1. Marcie posted her picture publicly, allowing everyone to see it.
  2. Her picture contained valuable personal information which was used against her in a follow up scam.
  3. The scammer posed as a vaccine scheduler with knowledge from the simple image Marcie posted.

What you should know about this scam

Social media sites are great for sharing information with friends and family but watch what you post and to whom. Keep any posts containing your personal information private so only those in your circle can see them.

Vaccination cards are wildly popular right now among the cybercrime community. They are being forged and sold through many online channels. The forged cards could be used by others to receive your second dose or provide additional information for scammers to use in their attacks against you.

Although it may not seem like much, an image or post containing your personal details such as name and date of birth can be a goldmine for a cybercriminal. This information could be used for additional spear phishing attacks or identity theft.