A confusing, chaotic rush to deliver COVID-19 vaccinations is making cyberspace a more fertile place for pandemic-related scams.
Researchers at Barracuda Networks said on Thursday that vaccine-related spearphishing emails rose 26% from October to the end of January. That roughly coincides with the time Pfizer and Moderna announced vaccine availability, and represents a 12% uptick from up from the one-month period of October to November.
“We hope it’s the last phase of the lifecycle of this pandemic” for vaccine-related spearphishing attacks, said Fleming Shi, chief technology officer at Barracuda. ” These are just as potent as the ones earlier in the pandemic, probably even more so, because there’s an urgency for people. They’re racing for the openings.”
Also Wednesday, Check Point Research said that vaccine-related domain registrations rose by 300% over the past eight months, with a large spike beginning in November and continuing through January. Of those Check Point deemed dangerous and potentially scam-related, the company saw a 29% increase over the same time period, with a big jump in December in particular.
That race for vaccine appointments could make victims out of anyone eager to click on links related to inoculations. In some cities, the process for receiving vaccinations has drawn comparisons to the book and film series “The Hunger Games,” with people refreshing websites obsessively to obtain one of a limited number of spots available.
Barracuda’s research found evidence that email scammers aren’t just trying to make victims out of people rushing to get vaccines, either. The hackers are using the attacks to steal email credentials that can be used to mount business email compromise (BEC) campaigns afterward, for example. In such BEC scams, attackers use phony emails to solicit money transfers that appear to come from, say, an official within the victim’s company.
“Cybercriminals use phishing attacks to compromise and takeover business accounts,” the Barracuda research stats. “Once inside, more sophisticated hackers will conduct reconnaissance activity before launching targeted attacks. More often than not, they use these legitimate accounts to send mass phishing and spam campaigns to as many individuals as possible before their activity is detected and they are locked out of an account.”