As millions of people are waiting for the COVID-19 vaccine, hackers are abusing the situation to make big bucks. From stealing vaccine data to scamming vulnerable populations, the perpetrators are attacking a society on the verge of a global catastrophe. Is there any reason to worry, and what should you do to stay secure?
Dec 17, 2020 · 4 min read
In December, INTERPOL issued an alert to law enforcement across 194 countries, warning them to prepare for crimes revolving around COVID-19 vaccines. Hackers are already targeting individuals, companies, and government agencies. Investigators have also reported vaccine-related activities on the dark web. Let’s discuss the most recent cases.
While the world was watching the first person in the UK getting the jab, hackers were already sending out phishing emails. Research has revealed that people received emails encouraging them to fill out a form to register for a vaccination. What perpetrators were looking for was personal information and users credentials.
Although the emails were poorly written and contained grammatical errors, some people probably fell for the scam. It will take a while to vaccinate millions of people, and phishing emails will be around until the pandemic ends.
An IBM security team revealed an international cyber-espionage scheme. Hackers sent phishing emails to organizations in the vaccine supply chain in six different countries. They targeted both governmental organizations and companies.
IBM experts claim that the attack started in September. Perpetrators impersonated an executive from a Chinese company involved in the supply chain to make it look more realistic. The phishing emails contained malware and asked for people’s login credentials.
As the targets were very specific, researchers believe that the attack was conducted by a foreign entity with the intention of learning about the vaccine distribution infrastructure.
The European Medicines Agency (EMA) suffered a cyberattack, and documents related to the development of the COVID-19 vaccine by the US drugmaker Pfizer and its German partner BioNTech were accessed.
The documents included information about the candidate vaccine, its possible side effects, efficiency, and other highly confidential medical information. However, the companies said that no personal information of trial participants was revealed. The EMA did not give any explanation as to how the attack was conducted.
Governments will distribute the COVID-19 vaccines at their own pace, and it will definitely take time. Follow your local news and read the information on official government websites to get the latest updates. However, we can assure you that:
Consider requests for sensitive information carefully. If you get a call, SMS message, or email asking for your personal details like passwords, credit card numbers, or your home address, it’s a scam. Criminals can pretend they are from your local hospital or any other health organization. Everything might look very professional, leaving no room for doubt.
Nobody will ask you to pay for putting your name on a vaccination list. Perpetrators can try to persuade you to pay for the vaccine to get it before everyone else. They might send phishing emails encouraging you to click on a link referring to a fake website to make a payment.
No third parties will be allowed to advertise vaccines online. If you bump into ads or pop-ups offering to buy a vaccine, ignore them — it’s almost certainly a scam. Vaccines will be distributed by healthcare providers, and they definitely won’t use pay-per-click advertising to inform citizens.
Vaccines won’t be sold online. Hackers can set fake websites impersonating legit online pharmacies to trick you into buying a vaccine. A recent analysis by INTERPOL’s Cybercrime Unit exposed 3,000 websites selling illicit medicines and around 1,700 containing malware. These numbers will definitely grow in 2021.
In June 2020, the UCSF School of Medicine paid a $1.14 million ransom after hackers encrypted important information related to COVID-19 vaccine development. Cybersecurity experts predict that ransomware will be among the main threats to healthcare organizations during vaccine distribution. With millions infected and dying every day, hospitals might have no other choice but to pay the perpetrators.
While a scammed individual might only lose their money, an attack on a healthcare institution could break the whole distribution chain and even lead to the death of the most vulnerable members of society.
Hackers won’t back off, and vaccine-related criminal activities will only surge. Cybersecurity and general awareness are now more important than ever.
Stay safe, everyone! For more cybersecurity and privacy tips, subscribe to our monthly blog newsletter below.