Modern technology gives us many things.

Cyber criminals using COVID-19 vaccine in latest email scams

Cyber criminals are targeting people in a new email scam using the COVID-19 vaccines as bait in an attempt to steal a user’s money and their identity.

Researchers from Proofpoint have uncovered these email scams which promise COVID-19 relief and vaccines which are targeting workers in essential industries like medical, aerospace and pharmaceutical.

The scam email which looks like its from DHL Express

Cyber criminals are exploiting the pandemic and spoofing trusted and well-known organisations like DHL and the World Health Organisation which ask the recipient to click on links and provide personal and financial information.

These links execute a malicious application on the person’s PC which can be exploited in the future for remote access of their computer.

The fake DHL landing page created by the cyber criminals

Proofpoint revealed two examples of these scam emails.

The first one appears to be from DHL Express which talks about an undelivered COVID-19 vaccine that asks for you to submit your correct address and to click a link to schedule an appointment on a fake authentication page.

The second email looks like it’s from the World Health Organisation and asks recipients to download a file outlining the latest information about COVID-19.

The scam email which appears to come from the World Health Organisation

“Pandemic-themed attacks remain ever-present, and we’ve never observed such a convergence around a single social engineering lure for such an extended time,” says Sherrod DeGrippo, senior director, threat research and detection at Proofpoint.

“These campaigns transcend borders, languages, and industries.”

BEC (Business Email Compromise) fraud and email account compromise is one of the biggest online threats and hackers will continue to employ COVID-19-themed emails while the pandemic continues.

“Threat actors will continue to follow the money, spoof trusted brands, and rely on social engineering to succeed,” Proofpoint’s DeGrippo added.

“It’s important to remain wary of any unexpected messages.”