UCF InfoSec wants to make the UCF community aware of the potential for COVID-19 contact tracing scams. Cyber criminals are taking advantage of the current pandemic, sending fake contact tracing messages via email or text. These messages may ask you to click a link or provide personal information. The links may download malicious software to your computer, and providing your personal information may lead to identity theft or financial loss.
What is contact tracing?
It is the process of identifying people who have come in contact with someone who has tested positive for COVID-19, instructing them to quarantine and monitor their symptoms daily. Legitimate tracers are hired by a state’s department of public health, but should never ask you for personal, confidential or financial information. The U.S. Federal Trade Commission (FTC) has provided tips to help you spot contact tracing scams:
- legitimate contact tracing text messages will not contain a link;
- legitimate contact tracing phone calls will not ask for personal information, such as your Social Security Number;
- contact tracers will not ask you for money or any financial account information.
How can I protect myself?
- regard unexpected text messages or phone calls with suspicion;
- do not click any links in these suspicious text messages—it may download software that can access your personal and financial information;
- if a contact tracing call asks for sensitive personal information, such as your Social Security Number or credit card number, hang up;
- protect your online accounts by enabling Multi-Factor Authentication wherever possible: https://twofactorauth.org/ .
- students can now protect their Knights email with Multi-Factor Authentication: https://infosec.ucf.edu/mfa .
For more information, please visit the FTC website: https://www.consumer.ftc.gov/blog/2020/06/help-covid-19-contact-tracers-not-scammers .
If you receive contact tracing emails in your UCF email that ask you to download an attachment or click a link, report them using one of these options:
- Students: forward them to the Security Incident Response Team at SIRT@ucf.edu
- Employees: use the Phish Alert Button on your computer or phone (https://infosec.ucf.edu/awareness/phish-alert-button/)
UCF InfoSec is here to help you with any information security concerns. Please contact us at infosec@ucf.edu with any questions.
Thank you and Charge On!
UCF Information Security Office
https://infosec.ucf.edu
infosec@ucf.edu