ORANGE COUNTY, Fla. – Orange County Sheriff’s Office officials are warning residents about a new COVID-19 scam: one sent via text message and aimed at your coronavirus fears.
“Someone who came in contact with you tested positive or has show symptoms for COVID-19 & recommends you self-isolate/get tested,” the message reads, along with a link to an unfamiliar website.
The message is not from a contact tracer. OCSO deputies believe instead, it is from a hacker.
[RELATED: Read more about COVID-19 vaccine scams here.]
“The tweet itself was just something that was submitted to us,” said Bailey Myers, public information specialist for OCSO. “It is not necessarily connected to any particular case in Orange County. It is just a warning.”
If you receive a text message like the one pictured, DO NOT click the link! It is not a legitimate message from an official agency.
— Orange County Sheriff's Office (@OrangeCoSheriff) December 21, 2020
It can, however, be a gateway for scammers to find their way into your world and get their hands on your personal information.#COVID19 #scam pic.twitter.com/aQ1fDOiDGt
While that may encourage local residents to lower their guard, Myers says it is never too late to be proactive.
“They are not going to be letting people know their test results through a clickable link via text message,” she said. “That is a scam and we want everyone to know: do not click on it.”
The Department of Health and Human Services (HHHS) seconding that approach in videos and tips on their website.
But News 6 wanted to know: if you click on a scam link in a faux COVID-19 text message by accident or on purpose, are you really in trouble?
“That is actually a very valid question,” said Chris Hadnagy, an ethical hacker who workers with law enforcement agencies to figure out thieves might psychologically manipulate you into giving up your information. “Just clicking on the link probably will not put you in danger.”
“There are a few different things that can happen with ‘smishing’ attacks,” said Hadnagy.
“Smishing” attacks are used to describe SMS phishing scams or text message scams.
“First, they are trying to information gather. You click the link and they ask you to log in, fill out a form that asks for your name…which they will use in future attacks,” he said. “Sometimes they will ask you to install an application and that is one of the worst things that can happen because you will install an application that will take over your phone.”
Hadnagy says most of the time if you accidentally click on a “smishing” link, it will only be detrimental if you actually put in personal info or download a fake app.