Nearly half (48 per cent) of the UK public do not trust the NHSX Coronavirus contact tracing app to keep their information safe from hackers, according to new research.

A Censuswide study of 1,000 UK citizens on behalf of cyber security firm Anomali found that the app, which is set to be rolled out to users from next week to support an easing of lockdown restrictions, is the focus of concerns over data handling and the risk of cyber criminals accessing sensitive information.

The contact tracing tool is designed to help individuals determine whether they have been exposed to someone with COVID-19.

The survey found that 43 per cent of respondents were concerned that the app would give hackers the opportunity to send SMS ‘smishing’ messages or phishing emails asking for their details, while a further third worried that the necessary geolocation tracking within the app might allow the government to track their whereabouts.

A further (36 per cent) were concerned that the app might allow the government to collect data on them, compromising their right to privacy.

The lack of trust in the security of the technology is also underpinned by concerns raised by a majority (52 per cent) that they are not able to distinguish between smishing or phishing attacks and authentic government communications.

The government has insisted that data privacy is a priority in the development of the app.

Earlier this month it was announced the NHS had begun developing a second app, using technology provided by Google and Apple, after privacy concerns were raised about the initial app’s centralised database system.

The first phase of the initiative was piloted in the Isle of Wight earlier this month for testing before proposing a national launch. This study set out to gauge the trade-off between privacy and what people’s comfort levels are when it comes to the government tracking them.

Jamie Stone, head of EMEA at Anomali, said: “At this stage, nobody knows where to get the NHSX app from, so it can be reasonably expected that consumers will be faced with floods of emails with bogus links to convincing looking domains to download the app from.

“It’s tough to predict the increase in the volume of attacks we’ll see, however we’re already seeing thousands of rogue and spoof COVID-19 domains being registered and used in attacks,” Stone explained. “Global interest around the virus, and each nation’s track-and-trace apps, means that attackers will likely use many of these domains to host phishing attacks via both email and SMS.

"People using COVID tracking apps need to be extremely vigilant and aware, ensuring that they’ve installed official government apps and that they are interacting with authentic messages from the agencies.”

Share Story: