Skip to content
 

Don't Flaunt Your COVID-19 Vaccine Card on Facebook

Revealing sensitive personal data on social media can trigger identity theft

Former Los Angeles Mayor Antonio Villaraigosa holds his vaccination card after receiving his first shot

Allen J. Schaben / Getty Images

En español | Once you have received a COVID-19 vaccine, don't post a photo of your vaccine card on social media, the Better Business Bureau warns.

Typically, such cards contain your name, date of birth, patient number and other information that bad actors can use to steal your identity and commit fraud. That's especially true if your privacy settings on Facebook, Instagram or other social platforms are not strict, allowing the image to be widely shared, says Steve Bernas, president and CEO of the Better Business Bureau of Chicago and Northern Illinois.

Even where you were vaccinated should be kept private, the bureau says. If you've already posted a photo of a vaccine card, here are some options: Remove it; redact the information that should be confidential and repost the image; or replace the image with a harmless sticker that gives you bragging rights for having rolled up your sleeve — but doesn't jeopardize your identity. Or consider putting a new “frame” that conveys your vaccine status around your profile photo.

Date of birth among ‘treasures’ scammers covet

“You really never want to give anybody your birthday. I mean, that's one of the treasures."

—Steve Bernas, Better Business Bureau official in Chicago

Bernas, 55, tells AARP that since data breaches are so common it's not a matter of if your identity will be stolen, but when. He himself got a call from suburban Chicago police a few years back and learned his name and credit card information had been stolen and were being used to buy electronics at Best Buy. It was at another firm, not Best Buy, that an employee had filched the info, Bernas says.

Talking about protecting your vaccine card, he remarks: “You don't want to give scammers any more information because they constantly build a profile on you.” It could be 10 years before they act on what they've discovered, he notes.

As for your date of birth, a scammer considers that “one of the treasures,” Bernas says. So if you must tell friends on social media the month and day you were born, consider misstating the year — even by decades — to keep scammers unaware.

Fake vaccine cards already a scourge

Another danger in being too showy with your vaccine card: If it's viewed online that potentially can help scammers create phony vaccine cards, the Better Business Bureau says.

Scammers in England were caught selling fake vaccination cards on eBay for the equivalent of about $2 in U.S. dollars, so the Better Business Bureau believes it's only a matter of time before something similar occurs in the U.S.


According to Bernas, the bureau's warning emerged based on the British news accounts, as well as anecdotal stories across the U.S. about social media posts showing vaccine cards with personally identifiable information (PII) visible.

The Federal Trade Commission, a consumer protection agency, also advises people to safeguard their sensitive data. An agency spokeswoman, Juliana Gruenwald, puts it this way: “Identity theft is like a puzzle, made up of pieces of personal information. You don't want to hand over to identity thieves the pieces they need to complete the picture. One of those pieces is your date of birth."

Katherine Skiba covers scams and fraud for AARP. Previously she was a reporter with the Chicago Tribune, U.S. News & World Report, and the Milwaukee Journal Sentinel. She was a recipient of Harvard University’s Nieman Fellowship and is the author of the book, Sister in the Band of Brothers: Embedded with the 101st Airborne in Iraq.

AARP’s Fraud Watch Network can help you spot and avoid scams. Sign up for free Watchdog Alerts, review our scam-tracking map, or call our toll-free fraud helpline at 877-908-3360 if you or a loved one suspect you’ve been a victim.

Join the Discussion

0 | Add Yours

Please leave your comment below.

You must be logged in to leave a comment.