Vaccine phishing scams rise by over 500 per cent

Vaccine-related scams have risen by 530 per cent, according to a new report by Unit 42, the Palo Alto Networks threat intelligence team. 

The research looked at vaccine-lated phishing attacks between December 2020 and February 2021. During the same period, phishing attacks relating to and/or targeting pharmacies and hospitals rose by 189 per cent.  

The report documents what Unit 42 has called a cyber crime “gold rush” aimed at taking advantage of COVID-19 in every way possible. It shows how cyber criminals are having great success during the pandemic as people are constantly looking for information on the virus, treatments, vaccines and the economic crisis.

To compile the research, Unit 42 generated sets of specific keywords that served as indicators for each COVID-related topic, and applied keyword-matching to determine which phishing URLs were related to each topic. This revealed that cyber criminals have been continuously evolving their tactics to adapt to the changes of the pandemic. 

While the focus in early 2020 was on test kits and PPE, this has now shifted to the vaccine approval process, and most recently, immunisation clinics. 

The report shows how cyber criminals have set up fake websites to steal user credentials, including a fake Pfizer and BioNTech website. The phishing page asks users to log in with their Office 365 credentials, supposedly to sign up for the vaccine. 

One particular phishing website used an increasingly common technique known as “client-side cloaking” - asking users to click the "login" button to evade automated phishing detectors.  

Microsoft is the brand most targeted by attackers, with fake Microsoft pages set up by attackers to steal information from employees at organisations such as Walgreens in the US, Pharmascience in Canada, and Junshi Biosciences in China. 

As the vaccination rollout continues, it is predicted that phishing attacks related to vaccine distribution will continue to rise worldwide.

The report also contains recommendations for both individuals and organisations to protect themselves from phishing attacks.