Seriously, stop sharing your vaccine cards on social media

by

He argued that it would be hard for them to trick him based on everything on the card: “What scam will you let me know just my name and birthday? Unless you sign up for free birthday ice cream balls and don’t give them to me in that case, yes, it’s very serious. ”

But it’s not just his birthday that shows up. The card displays medically sensitive information, including the vaccine batch number, clinic location, and vaccination mark received. And for some people, the card contains even more.

As the Covid vaccine spreads to more people across the country, I’ve lost count of how many vaccine information cards I’ve seen on social media and chat apps. While selfie is encouraged as a way to express the joy of being vaccinated and spread the word that people are doing their part to help stop the spread of Covid-19, several government agencies have warned of the risks of publishing pictures of vaccine cards online.
“Think of it this way: identity theft works like a jigsaw puzzle, made up of bits of personal information. You don’t want to give identity thieves the pieces they need to finish the picture,” the Federal Trade Commission said in a blog post last month. “Once identity thieves have the pieces they need, they can use the information to open new accounts in your name, claim a tax refund for themselves and commit other identity thefts.”

Cybersecurity experts said they are unaware of any specific scam or widespread scam for vaccine cards, although the roots of identity theft are hard to discover. But some also said these security threats would be easy to execute.

For now, it’s mostly “speculative but likely,” according to Mark Ostrowski, chief engineer of cybersecurity company Check Point Software. “We will have hundreds of millions of people vaccinated. If the history of cyberattacks is repeated, these actors or threat scammers will try to find a way to take advantage of this situation.”

At the same time, there have been several Covid-19 scams, ranging from people posing as Covid-19 contact tracers to fake websites promising vaccine appointments.
Many of us (perhaps including my editor) may be insensitive to the risks, given the amount of information we assume is already available online about us, either because we published it ourselves, it has been collected from of public data or because it has been sent as part of a previous security breach. But Rachel Tobac, an ethical hacker specializing in social engineering, said one of the biggest concerns around the vaccine card trend is that information is visible in one place and easily accessible.

“Unfortunately, issuing an unedited vaccination card makes it easier for a criminal to target a specific person,” he said. In some cases, a person’s clinical record number appears on the card. “To access confidential medical records over the phone, having your medical record number, last name, and date of birth (all listed on the immunization card) is all I need to authenticate as an individual and access there are delicate details. “

A cybercriminal could try to impersonate you and call your healthcare company for information about your medical history or diagnoses, cancel upcoming procedures, change prescription doses, and more.

With or without the medical registration number, he said, vaccine cards could also allow a hacker to perform a fishing scheme to steal data and passwords. With the batch number of the vaccine you received or the location of the place where the vaccine was given to you, they could falsify the email address of this facility with a message about, for example, remember I had urged you to click a link, supposedly to reschedule an updated dose, but I really intended to get you information.

That’s not to say you should ignore any emails you receive about the vaccine, but it’s a good reminder to consider the links you click on with any email on any topic and make sure the sender he is the one who says they are.

People who are more in public view, whether influential, celebrities, or journalists like my editor, have a greater threat because criminals are more likely to attack them. Stealing your free ice cream balls on your birthday would just be the start.

“There are all sorts of issues related to potential identity theft,” said Michela Menting, director of cybersecurity research at technology market advisory firm ABI Research. “Individuals should be wary of publishing vaccine record information as they would be publishing their credit card numbers online.”

My editor maintains that he only posted his vaccine card online because it was shared privately with his followers, but security experts have said that the people most likely to commit identity theft are friends and family.

This is not to say that people should stop holding the vaccine on social media all together. The safest options include cropping details on a card or opting for a selfie. Some vaccination sites hand out stickers, such as those received by voters at election polls. If you take a photo while wearing the sticker, the same message is transmitted without security risks.

.Source