Vaccine-related phishing — Cybercriminals are exploiting the heightened focus on the COVID-19 vaccine to launch spear-phishing attacks. Capitalizing on fear and uncertainty, the attacks using urgency, social engineering, and other common tactics to lure victims.
Vaccine-related phishing emails impersonated a well-known brand or organization and included a link to a phishing website advertising early access to vaccines, offering vaccinations in exchange for a payment, or even impersonating health care professionals requesting personal information to check eligibility for a vaccine.
Business email compromise
Attackers use business email compromise (BEC) to impersonate individuals within an organization or their business partners. In recent years, it has been one of the most damaging email threats, costing business over $26 billion dollars. Recently, these highly targeted attacks turned to vaccine-related topics. We’ve seen attacks impersonating employees needing an urgent favor while they are getting a vaccine or an HR specialist advising that the organization has secured vaccines for their employees.
Use of compromised accounts in vaccine-related fraud
Cybercriminals use phishing attacks to compromise and takeover business accounts. Once inside, more sophisticated hackers will conduct reconnaissance activity before launching targeted attacks. More often than not, they use these legitimate accounts to send mass phishing and spam campaigns to as many individuals as possible before their activity is detected and they are locked out of an account.
Protecting against vaccine-related phishing
Be skeptical of all vaccine-related emails
Some email scams include offers to get the COVID-19 vaccine early, join a vaccine waiting list, and have the vaccine shipped directly to you. Don’t click on links or open attachments in these emails, as they are typically malicious.
Take advantage of artificial intelligence
Scammers are adapting email tactics to bypass gateways and spam filters, so it’s critical to have a solution that detects and protects against spear-phishing attacks, including brand impersonation, business email compromise, and email account takeover. Deploy purpose-built technology that doesn’t rely solely on looking for malicious links or attachments. Using machine learning to analyze normal communication patterns within your organization allows the solution to spot anomalies that may indicate an attack.
Deploy account-takeover protection
Don’t just focus on external email messages. Some of the most devastating and successful spear-phishing attacks originate from compromised internal accounts. Be sure scammers aren’t using your organization as a base camp to launch these attacks. Deploy technology that uses artificial intelligence to recognize when accounts have been compromised and that remediates in real time by alerting users and removing malicious emails sent from compromised accounts.
Train staffers to recognize and report attacks
Educate your users about spear-phishing attacks. Provide employees with up-to-date user awareness training about vaccine-related phishing, seasonal scams, and other potential threats. Ensure staffers can recognize the latest attacks and know how to report them to IT right away. Use phishing simulation for email, voicemail, and SMS to train users to identify cyberattacks, test the effectiveness of your training, and evaluate the most vulnerable users.
Set up strong internal policies to prevent fraud
All companies should establish and regularly review existing policies, to ensure that personal and financial information is handled properly. Help employees avoid making costly mistakes by creating guidelines and putting procedures in place to confirm all email requests for wire transfers and payment changes. Require in-person or telephone confirmation and/or approval from multiple people for all financial transactions.
Contact IT consulting service in Toronto
Get in touch with an expert team providing IT solutions in Toronto immediately. NUMENTIS helps users recover from viruses and malware safely and protect their network from being compromised. Speak to our support team immediately if you suspect your device has been compromised.