As various COVID-19 vaccines are being approved for vaccination and global distribution, cybercriminals are looming around and using fake websites, false cures, and scams, among other tactics.
Ongoing COVID-19 related scams
Cybercriminals are constantly using phishing, text messages, malvertising, and fake vaccines to target innocent users. Here are some of the common scams used by attackers.
- Fake products: Threat actors can be observed offering fake vaccines on sale online. These fake products are on sale at several dark web forums.
- Phishing emails: coronavirus-related phishing emails are again on the rise; this time most of the spam emails using vaccine-related topics as their subject.
- Malvertising: advertisements related to the COVID-19 outbreak or vaccine can be observed online. Such ads lead to fraudulent websites that may deploy malware or steal information.
- Text messages: COVID-19-related fraudulent texts are making the rounds with fake messages pretending to originate from government agencies that require an online coronavirus test.
- Vishing: The attackers were spotted using an uncommon voice phone scam in which they ask victims to press a number on their keypad to confirm an offer for a vaccine. In some cases, bank details were also requested.
- Recently, the U.S. Financial Crime Enforcement Network (FinCEN) had asked organizations in the financial sector to watch for and report evidence of COVID-19 vaccine fraud, ransomware, and other scams.
- Additionally, Interpol had alerted about the ongoing barrage of COVID-19-related scams and cybercrime.
A few vaccines have already been rolled out for COVID-19 but governments continue their efforts in this regard, and thus, threat actors are expected to take undue advantage of the situation. Therefore, experts recommend people treat any request for PII made over the phone, via text, or email carefully. Moreover, always cross-check information regarding vaccines if doubtful or visit the official website for the verified information.