The newest SARS-CoV-2 mutation is bringing a renewed sense of urgency among organizations and official authorities organizing the COVID-19 vaccine rollout. The rise in fear has brought about confusion and panic, the perfect atmosphere for catching users unaware. Cybercriminals exploit the publics' fear through COVID-19 vaccine-related domains and phishing emails. 2020 has been a busy and lucrative year for cybercriminals who continue to exploit every aspect of the pandemic. Now that we have vaccines for the deadly virus in sight, cybercriminals have found another profitable area to capitalize on.
According to Check Point- a cyber threat intelligence source, the fear of COVID-19 and global interest in the vaccines are attracting cyber crooks and their malign intentions. The most prominent attacks include vaccine-related fake domains and phishing campaigns.
Latest vaccine-related phishing campaigns
Ever since the pandemic broke out, which led to working remotely across the world, the number of phishing campaigns has skyrocketed. When the first talk of vaccines started to spread, phishing attacks used vaccine developments to trick people, and now cybercriminals are using the vaccine rollout news to deceive people. These threat actors are now using the latest vaccine updates as bait for their phishing attacks. According to the Check Point report, cybercriminals sent out emails with attached executable files which when clicked on install an InfoStealer, a type of malicious malware that could extract usernames, passwords, and other account details.
The emails contained the subject “Download_Covid 19 New approved vaccines.23.07.2020.exe” and “pfizer's Covid-19 vaccine: 11 things you need to know”. These subjects were written in both English and Spanish.
The report suggests these attacks could either be state-backed or carried out by certain cybercriminal groups. Microsoft reports that hackers backed by North Korea and Russia have been observed in stealing information from vaccine researchers and pharmaceutical companies.
These vaccine-related phishing campaigns are expected to be the first of many that can target both individuals and organizations over the coming months, as the race to deliver vaccines across the globe continues.
Rise in COVID-19 vaccine-related domains and dark web
As expectations and excitement for vaccines rise, so do attacks focused on taking advantage of the heightened emotions and rising interest. Since November, as many as 1062 domains containing the word ‘vaccine’ were registered, while 400 domains mentioned ‘COVID’ or ‘corona’.
Some have become so eager to get their hands on the vaccine they search for any possible avenue towards getting vaccinated. These people are likely to fall prey to fake calls and promises. As per the Check Point report, several posts are claiming Coronavirus vaccines availabilities and COVID-19 remedies available online. The dark web sees people selling COVID-19 vaccines for $250. The dark web is filled with these fake advertisements where the seller insists on being paid in bitcoins. With the abundance of fake information available online, it is common for people to become victims of such organized disinformation and cybercrime.
In such situations, it becomes crucial to protect yourself and your organization from falling prey to these scams. The best way to protect against these attacks would be to wait for official announcements. Avoid clicking on links if received from unknown senders. Ensure the domain names and spellings in the email are correct and legitimate, and always enable two-factor authentication on your devices to secure your data.
For more news and updates visit https://blog.excellimatrix.com/
For any questions, reach us out on Facebook, & LinkedIn or Contact us. You can also drop a mail at sales@ExcelliMatrix.com for any discussion.
