Cyber criminals using COVID-19 vaccine in latest email scams
Cyber criminals are targeting people in a new email scam using the COVID-19 vaccines as bait in an attempt to steal a user’s money and their identity.
Researchers from Proofpoint have uncovered these email scams which promise COVID-19 relief and vaccines which are targeting workers in essential industries like medical, aerospace and pharmaceutical.
Cyber criminals are exploiting the pandemic and spoofing trusted and well-known organisations like DHL and the World Health Organisation which ask the recipient to click on links and provide personal and financial information.
These links execute a malicious application on the person’s PC which can be exploited in the future for remote access of their computer.
Proofpoint revealed two examples of these scam emails.
The first one appears to be from DHL Express which talks about an undelivered COVID-19 vaccine that asks for you to submit your correct address and to click a link to schedule an appointment on a fake authentication page.
The second email looks like it’s from the World Health Organisation and asks recipients to download a file outlining the latest information about COVID-19.
“Pandemic-themed attacks remain ever-present, and we’ve never observed such a convergence around a single social engineering lure for such an extended time,” says Sherrod DeGrippo, senior director, threat research and detection at Proofpoint.
“These campaigns transcend borders, languages, and industries.”
BEC (Business Email Compromise) fraud and email account compromise is one of the biggest online threats and hackers will continue to employ COVID-19-themed emails while the pandemic continues.
“Threat actors will continue to follow the money, spoof trusted brands, and rely on social engineering to succeed,” Proofpoint’s DeGrippo added.
“It’s important to remain wary of any unexpected messages.”