A new Covid-19 vaccine scam is doing the rounds on WhatsApp, claiming to be integrated with the government of India’s CoWin vaccine management system. The image, which the Press Information Bureau has broadcasted on Twitter, claims that vaccine appointments are being accepted on WhatsApp. It markets benefits such as no requirement to download apps, a direct line to the CoWin vaccine management portal and shows that using this WhatsApp hotline, users can book vaccination appointments for up to four people. The hotline also asks users to send their name, age, Aadhaar or any other government identification proof, and provide the PIN codes of users based on their residence.
To be absolutely clear, such a hotline is not endorsed by either central or state governments. The government’s official vaccination drive can be signed up for by accessing the CoWin portal through the Aarogya Setu app. Through this portal, users can verify their phone numbers through a one-time password, and subsequently book appointments for up to four eligible Indian citizens above the age of 45. They can then choose the identification that they wish to furbish during the vaccination process, book an appointment at a nearby, convenient vaccination centre and get their dosage. Even the digital certificate can be accessed either via the Aarogya Setu app, or through other government portals such as Umang or DigiLocker.
As a result, no WhatsApp hotlines are therefore official, which in turn means that such a Covid-19 vaccine scam is most likely being laid out in a bid to get access to private data belonging to various users. The only WhatsApp hotline that the government operated was the MyGov chatbot that was introduced at the onset of Covid-19. The portal was used to disseminate an automatic chain of information, including verified news reports, to combat the massive rise of fake news reports during the initial months of the Covid-19 pandemic.
While such scams are hardly new, they represent the most common form of cyber targeting on the internet today. As a result, users are always urged to re-verify content that they share or receive on channels such as WhatsApp. The app, which is owned by Facebook, has stated that as a consequence of offering end-to-end encryption, it cannot openly see the content that is shared between two people, which seemingly allows many users to get away with sharing propaganda, misinformation and other such problematic content.
However, many have stated that since WhatsApp does collect user metadata, they can still choose to act on problematic content such as this Covid-19 vaccine scam, without breaching privacy. Users are urged to remain aware of this scam, and not send any details to the mentioned number.