TechTronBlog.com

Technology, Innovation, Collaboration
Menu
  • Features
  • Gadget
  • Mobile
  • Uncategorized

Daily Tech Updates Sent to your Email

Join our Newsletter
Home
Features
Phishing emails tempting people with fake coronavirus vaccines
Features

Phishing emails tempting people with fake coronavirus vaccines

August 17, 2020

As researchers race to develop a COVID-19 vaccine, phishing campaigns have landed on a topic ripe for exploitation, says Check Point Research.

” data-credit=”Image: Vladimir Obradovic, Getty Images/iStockphoto” rel=”noopener noreferrer nofollow”>Email / envelope with black document and skull icon. Virus, malware, email fraud, e-mail spam, phishing scam, hacker attack concept. Vector illustration

Image: Vladimir Obradovic, Getty Images/iStockphoto

Cybercriminals have exploited virtually every aspect of the coronavirus pandemic as they aim malware at people curious or anxious about the outbreak. We’ve seen phishing emails and malicious content centered around the initial spread of the virus, the resulting lockdown, the transition to remote working, the stimulus payments, and the return-to-work effort.

SEE: Fighting social media phishing attacks: 10 tips (free PDF) (TechRepublic) 


But one especially sensitive area found in many phishing emails has been the promise of a coronavirus vaccine. This topic naturally arouses attention and excitement as many people believe that the only way we’ll return to some sense of normalcy will be through a COVID-19 vaccine. A report released Tuesday by cyber threat intelligence provider Check Point Research highlights some of these campaigns and offers advice on how to combat them.

In one phishing attack analyzed by Check Point, emails touted a subject line of “URGENT INFORMATION LETTER: COVID-19 NEW APPROVED VACCINES.” The attached EXE file named “Download_Covid 19 New approved vaccines.23.07.2020.exe” promised details on a vaccine. But clicking on the file actually installs an InfoStealer that tries to obtain usernames, passwords, and other login information.

In another phishing campaign, an email is sent with the subject line: “UK coronavirus vaccine effort is progressing badly appropriate, recruiting consequence and elder adults.” The email contains a malicious link named “surgicaltoll\.com/vy2g4b\.html.” This link now seems to be inactive but previously redirected users to a medical phishing website called “thelifestillgoeson.su” that attempted to imitate a legitimate Canadian pharmacy.

” data-credit=”Image: Check Point Research” rel=”noopener noreferrer nofollow”>vaccine-phishing-website-check-point.jpg

Image: Check Point Research

Despite the prevalence of these phishing emails, the number of coronavirus-related cyberattacks has actually been dropping over the past few months. July saw a weekly average of 61,000 such attacks, a 50% decline from the 130,000 seen weekly in June. Still, as the virus continues to pose a threat, cybercriminals are more than happy to exploit the latest trends.

“Lately, we’re seeing a clear trend with hackers: Deceive the masses by their interest in coronavirus vaccines,” Check Point data manager Omer Dembinsky said in a press release. “Most of the campaigns involve a person’s inbox, which is concerning. Over 80% of attacks against organizations start from a malicious email. Email is the first link in a chain of attacks. Since email attacks usually involve the human factor, employees’ email inboxes are an organization’s weakest link.”

SEE: Cybersecurity: Let’s get tactical (free PDF) (TechRepublic)

To help protect yourself and your organization from these types of phishing attacks, Check Point offers the following advice:

  • Check the full email address on any message and be alert to hyperlinks that may contain misspellings of the actual domain name.
  • Do not supply login credentials or personal information in response to a text or email.
  • Protect mobile and endpoint browsing with advanced cyber security solutions, which prevent browsing to phishing web sites, whether known or unknown.
  • Use two-factor authentication to verify any change to account information or wire instructions.
  • Continuously educate your end users. Whenever irreversible actions such as money transfers are conducted, details of the transaction must be verified by additional means such as voice communication and must not exclusively rely on information from email correspondence.
  • Regularly monitor financial accounts.
  • Keep all software and systems up to date.
  • Make sure you are using an email security solution that blocks sophisticated phishing attacks like BEC (Business Email Compromise) in order to prevent them from reaching employees’ mailboxes to begin with.

“Closing this security gap requires protections against various threat vectors: Phishing, malware, data theft, and account takeover,” Dembinsky said. “I strongly urge everyone to closely read the subject lines of emails coming in. If it has the word ‘vaccine’ in it, think twice.”







Cybersecurity Insider Newsletter


Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.
Delivered Tuesdays and Thursdays




Sign up today





Share
Tweet
Email
Prev Article
Next Article

Related Articles

https://www.techrepublic.com/article/security-this-nasty-surprise-could-be-waiting-for-retailers-when-they-open-up-again/#ftag=RSS56d97e7

Security: This nasty surprise could be waiting for retailers when they open up again

https://www.techrepublic.com/article/study-finds-misconfigured-cloud-storage-services-in-93-of-cloud-deployments-analyzed/#ftag=RSS56d97e7

Study finds misconfigured cloud storage services in 93% of cloud deployments analyzed

About The Author

Leave a Reply

Cancel reply

Recent Posts

  • New tech and gadgets you absolutely can’t miss
  • Razer Pro Click ergonomic wireless mouse maximizes your productivity
  • Lume Cube Panel Mini Bicolor LED Light provides on-the-go lighting for photographers
  • LINKA LEO GPS Smart Bike Lock can track your bicycle’s movements in more than 100 countries
  • Razer Pro Glide soft mouse mat cushions your hand during use

Recent Comments

    Archives

    • August 2020

    Categories

    • Features
    • Gadget
    • Mobile
    • Uncategorized

    Meta

    • Log in
    • Entries feed
    • Comments feed
    • WordPress.org

    TechTronBlog.com

    Technology, Innovation, Collaboration
    Copyright © 2021 TechTronBlog.com
    Theme by MyThemeShop.com

    Ad Blocker Detected

    Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker.

    Refresh